In the last few months, there have been several high-profile data security breaches that resulted in the theft of millions upon millions of non-public information records. Though much of the focus in the aftermath of the breaches was on personal identity theft and prevention, it?s important to keep in mind that not all the stolen data records target individuals. Business entities are also at risk. Vendors and partners that you do business with regularly will probably have record of your company?s non-public information, payment information, or tax ID number. In the wake of the major breach of Equifax that resulted in 143 million records stolen, there have been many questions raised about data security and breach notification laws. One of the most concerning issues was the long delay between when the breach was discovered by Equifax and when the public was notified of the breach. To help clarify how data breach notifications work and why it was technically acceptable for Equifax to wait as long as they did before notifying their customers, there are a few things you should know. State LawsOnly 47 out of 50 states currently have data breach laws. Alabama and New Mexico have proposed bills regarding data security and notification that are before their state legislature. The lone holdout on data breach laws is South Dakota, who has yet to propose a bill of any kind. Since each state has its own laws on data security, there are no unified standards, and laws vary in each state. For example, New York law requires that notification of a breach should be given in the most expedient time possible and without unreasonable delay. In Wyoming, however, notice of a breach must be reported within a reasonable time that is not to exceed 45 days after the entity learns of the acquisition of personal information. Florida requires notification within 30 days. However, these notification deadlines aren?t ironclad. Nearly all of the policies indicate that they will allow the entity to delay notification for cause. Reasons for delay vary from state to state, however, criminal investigations or national security are both common reasons that a delay in notification would be allowed. Federal Laws At the present, there are no comprehensive data breach laws on the federal level. While the Health Insurance Portability and Accountability Act (HIPAA) and Gramm-Leach-Bliley Act (GLBA) are federally mandated regulations that do have data breach policies enforced by the federal government, they are industry-specific. There is no federal law that encompasses a general data security policy. Since Equifax is a financial institution, it?s required that they adhere to the standards set forth by the GLBA. Unfortunately for about half of American adults, the GLBA does not have a deadline for disclosure. The act merely says that the financial organization should notify the affected party ?as soon as possible?. Despite waiting 40 days before disclosing the breach, Equifax was following the regulations as outlined by the GLBA. In addition to having different notification laws for each state, other aspects of data security laws are just as diverse. Each state has different policies on who the law applies to, what constitutes a breach, who must be notified, how they must be notified, enforcement and penalties, and entities exempt from the law. Are you familiar with data breach notification […]

Have you ever used Google Maps as a GPS system to help you navigate a trip you are taking? In a lot of ways, Google Maps is even more dynamic than other dedicated online applications, and it?s certainly a better alternative than trying to decipher the lines of an atlas. Google Maps even lets you chart the distance between your location and your destination, which is a great way to get the total distance of your upcoming trip. Before we get started, we just want to make sure that you have the most up-to-date version of the Google Maps for your iOS or Android device. To do so, go to the Play store or iTunes store to update the application. First, open up your app and navigate to where you want to measure distance from. Just drop a pin on the location to find out how far it is. Next, expand the menu at the bottom and tap Measure distance. You?ll see the location in a set of crosshairs on the screen. You?ll next need to add another point–like, say, the nearest bend in the road. You?ll see the distance between the two points. For each point you place on the map, the distance between your points will be updated. Once you?ve done this, you can just tap the Measure Distance bar at the top. However, one thing to keep in mind is that the app will only tell you the distance between your destination and your current location if you drove there in a straight line. Chances are that you?re not going to be traveling in a straight line to your destination due to the lack of direct travel. You?ll be taking roads and pathways that wind around natural obstructions. Carefully place points on your map on streets you plan on driving. This will allow you to calculate the exact distance to your location. For more great tips and tricks, subscribe to White Mountain IT Services?s blog.

WPA2 has been the standard for securing a Wi-Fi access point, especially for businesses. However, WPA2 has a newly discovered flaw that allows a cybercriminal to reuse the encryption keys that are generated when a device and a router connect, which in turn allows them to intercept the data being communicated between the router and the device. This data could include credit card numbers, passwords, and any other information one would input online. Some networks could even allow data to be introduced from outside, for example, a website being infected with ransomware. Details about the vulnerability will be released on November 1st, which means there is potential that they will fall into the wrong hands if they haven?t already. This gives businesses about two weeks to make sure they are prepared. Currently, the biggest Achilles? heel is on the client-side, which means the computers, laptops, and mobile devices are the first priority to update, but network hardware such as access points and routers are important as well. Fortunately, Microsoft has already released an update to attend to this vulnerability, and Android devices will be rolling out updates during the coming weeks. Anyone running Windows 10 with automatic updates or has recently installed updates should have the fix. Other devices, including smartphones, tablets, and even your network routers and Wi-Fi access points should also be checked for updates. How to Tell if Your Business is Safe from the KRACK WPA2 Vulnerability For businesses, the most straightforward answer is if you are paying someone to monitor and maintain your entire network, they should be checking all devices to make sure they are patched to prevent this vulnerability. If you don?t have an agreement with an IT company such as White Mountain IT Services, or you don?t have someone on staff who is aware and knowledgeable about the potential threats to your network, it?s more than likely this vulnerability exists (along with many others). If you aren?t sure, reach out to us as soon as possible. White Mountain IT Services can help you keep your network patched and up-to-date. For more information, call us at (603) 889-0800.

Would you be surprised to hear that there are at least 1.4 million phishing websites set up each month? These numbers come from the Webroot Quarterly Threat Tread Reports, which estimate May 2017 as an all-time high for phishing website increase at over 2.3 million websites being set up during that month. This makes phishing one of the most prevalent methods of fraud in the world–in fact, phishing scams are the number one reason for data breaches all over the world. Here are three of the most notable phishing scams from 2017 that you may have missed. Amazon Shipping Phishing SchemeEarlier this year, there was a massive phishing scam which disguised emails as coming from Amazon. The emails appear to be legitimate, but when you click on the link located in the email, you?ll be directed to a domain that either has nothing to do with Amazon, or closely resembles it, but isn?t quite the genuine article. The emails try to convince users to confirm their login credentials by logging into a portal that looks like the actual login screen. Google Docs HackIf you?ve ever used Google Docs to share text documents with others, you know that you?ll receive an email with a link to the document. You should never click on links in unsolicited emails, but you?d think you can trust something supposedly coming from a big company like Google. The truth of the matter is that the phishing scheme was notable because it tricked users into granting permissions to third-party apps rather than hand over personal credentials. It?s part of a growing trend that sees phishing malware growing more sophisticated, which should be cause for concern for just about anyone–particularly business owners. IRS W-2 Tax Season Phishing ScamsYour business deals with employee W-2 forms and other information that?s important during tax season. In particular, tax season is a very popular time for phishing attacks, as users are expecting emails to confirm the submission of their tax forms. Recent phishing attacks targeting businesses asking for W-2 forms or other personal information can safely be regarded as phishing scams, and they only get worse during tax season. For more information about how to avoid phishing scams and other issues, reach out to us at (603) 889-0800.

The world?s most profitable consumer technology company is said to have something special in mind for their 10th anniversary flagship smartphone, while still rolling out two additional phones. Deciding to scrap the iPhone 7s, Apple has recently introduced the new iPhone 8, iPhone 8 Plus, and the iPhone X. For all those Apple aficionados out there, which device will you have to get your hands on? All three phones feature Apple?s new A11 Bionic chip, which brings a more efficient device performance–a qualification that every user willing to shell out a pretty penny for a new iPhone, must consider. The A11 comes equipped with two performance cores, which are up to 25 percent faster than the ones found in the iPhone 7, Apple?s most recent device offering. Additionally, the new chip offers four high-efficiency cores, which allow less resource-intensive applications to run efficiently to preserve the device?s battery life. The two versions of the iPhone 8 and the iPhone X have many similarities (as you?d expect), but one major difference the iPhone X offers is the display. The iPhone X not only features the use of an OLED display, it also takes a page from other smartphone manufacturers and removes the famous bezel and home button every other iPhone has featured. Traditionally, OLED displays offer perfect blacks and much more vivid colors than LCD displays (which have come standard on every iPhone for some time). The OLED display on the iPhone X is Dolby Vision and HDR 10 capable and has a resolution of 2,436 x 1,125–far superior to the 1080p display of the iPhone 8 and 8 Plus. The iPhone X also has a small cut-out at the top that actually dips into the screen a bit. This bar houses sensors and the front-facing camera of the device. As far as software goes, all three of the new devices run iOS 11. iOS 11 features a litany of new features that include a much-improved Siri, a new Control Center, and a redesigned App Store. Since the iPhone X does not come equipped with Apple?s standard Touch ID system, some tweaks in iOS will allow the edge-to-edge display to have a virtual home button. As a result, the iPhone X features Face ID, which scans a user?s face for authorization opening the phone, and more amazingly as a way to authenticate App Store purchases. The cameras on the devices are much improved. While the iPhone 8 has a single 12MP sensor, the cameras on both the iPhone X and iPhone 8 Plus have dual 12 MP cameras with an extra sensor that acts as an optical telephoto zoom lens. The iPhone X?s sensors both have optical image stabilization, while the iPhone 8 and the 8 Plus, only has it on one. As with the previous iPhones, all three options are IP67 water and dust resistant, and feature 7 MP front-facing cameras. The iPhone X absolutely wins in a design contest, but for functionality, the choice between these options will largely come down to price. With 64 GBs of onboard memory, the flagship iPhone X starts at a whopping $999, the iPhone 8 Plus at $799, and the iPhone 8 at $699. Can you justify paying the more than $1000 price tag on a device you will likely upgrade in one […]