The biggest difference between an on-premises and hosted cloud phone system is the shift in responsibility for maintenance. An on-premise solution is kept on-site in the form of hardware stored in your server room or a dedicated receptacle. On the other hand, a cloud-hosted phone system is stored off-site and is maintained by an outsourced provider. It is a phone system that users access through an Internet connection. While it might seem appealing to shift this responsibility away from your organization, there?s a case for on-site solutions that you may want to hear. Here are some of the advantages of hosting your own VoIP solution in-house, compared to going through a cloud-hosted provider. Control: Compared to a hosted solution, your organization can have greater control over the phone system. You can add or remove users, phone numbers, and the like, rather than calling your hosting provider and having them do it for you. Of course, this also means that you have greater responsibility over the system as a whole, so it?s imperative that you have staff on-site or outsourced IT support that you can rely on for assistance Use your existing infrastructure: Your organization already has an infrastructure laid out which connects your workstations to networks, servers, and other important hardware components. When you implement an in-house phone system infrastructure, you can use this same network to connect your employees to the phone system. If you?re hosting your solution in the cloud, this entails configuration of the system and its setup–something that you may not have control over with a hosted solution. How does your business communicate? Do you use a traditional phone system that?s difficult to scale, or do you take advantage of a cloud-hosted VoIP solution? Have you ever considered moving your communications infrastructure in-house? If so, White Mountain IT Services can assist with the implementation and maintenance of your phone system. To learn more, reach out to us at (603) 889-0800.

Protect Important Security CredentialsHackers often target the credentials of major figures within your organization, such as those of corporate executives or IT administrators. These usernames and credentials can then be used to target sensitive information, and must be protected at all costs. It?s important to use encryption to protect these credentials, and to make them as long and complex as possible. If these credentials are stored somewhere, make sure that they?re located in an encrypted password manager, not a shared plain text file. Restrict Admin AccessYou should be able to restrict certain parts of your network on a per-user basis. This means keeping average employees from spying on information that they don?t need to be privy to. This could include financial or personally identifiable information. The basic idea is to restrict this type of information to only the departments that need access to it, like accounting or human resources. The fewer people who can access it, the less chance there is that it will be compromised. Therefore, your team should only have access to information that they require to do their jobs, and nothing more. Improve Password Security with Best PracticesIf you?re using a password manager, you can take advantage of password best practices without forgetting your passwords. These best practices are required if you want to optimize the security of your accounts. You want to use different complex passwords for every single account. These complex passwords should include both upper and lower-case letters, numbers, and symbols. The goal is to make them as difficult to guess as possible. Don?t worry–your password manager will do all of the remembering for you, which is why it?s such a valuable investment in the first place. Eliminate Shadow ITOne of the ways that hackers will infiltrate your systems is by using forgotten-about software solutions that may lurk on your organization?s workstations. This happens when an employee unknowingly downloads a solution that hasn?t been cleared by IT. This often happens if they want a program, like Microsoft Word, but it hasn?t been officially issued to them. Shadow IT is well-known as an opportunity for hackers to attack systems, as fake software licenses or malicious programs might be included with any ?freeware? your team finds. You need to emphasize to your team that there?s a process that must be adhered to for new software solutions, and that they need to go through the proper channels (like through IT) before implementing an unapproved solution. Train Your Staff on IT Best PracticesIf you understand the basics of IT security, it can only get you so far without your entire staff being versed in it as well. You want to make IT security a part of company culture. This can be accomplished through extensive training and consistent reminders of how best to avoid threats. Teach them what to do if they suspect that they?ve been hacked, and help them avoid dangerous threats, including malicious links, spam phishing attacks, and unsolicited email attachments. To learn more about how best to secure your infrastructure, reach out to White Mountain IT Services at (603) 889-0800.

What the 10,000 Hour Rule IsThe 10,000 hour rule is a concept that claims the best way to develop what?s called ?world-class skill? is to have at least 10,000 hours of experience using the skill. The original report discussing the 10,000 hour rule was published in 1993 and used an example of musical students at an academy in Germany to reinforce the point. The students put in an average of 10,000 hours of practice by the time they had turned 20 years old, resulting in ?world-class skill.? Why It Might Be WrongAnders Ericsson, who worked on the original study, claims in his new book that the 10,000 hour rule is much more complex than simply ?practice makes perfect.? Alongside his co-author, Robert Pool, he attempts to take a more scientific approach to the rule. Here is a short summary of their conclusions: There?s nothing special about 10,000 hours: Rather than chosen through a scientific method, the number 10,000 was chosen because it?s a round number, and that it?s a large number. Regardless, the musicians could be prodigies but still be nowhere near their peaks. It?s been proven that pianists usually reach the pinnacle of their abilities by the time they?ve reached 30 years of age. 10,000 was only the average: 10,000 might be a lot of time, but it will only be enough to reach the average of those who are also working toward the same skill level. If others have a similar skill level, how can you be deemed ?world class?? Other studies have shown that it can take as many as ten years to reach this skill level. Practice isn?t enough: While it certainly helps to put plenty of time into practice, that isn?t enough. You need to go out of your way to challenge yourself and put in ?deliberate practice.? Go beyond your comfort zone and work toward improving yourself. The Lesson: Practice Makes Perfect, Not Necessarily TimeRegardless of whether or not you believe in the 10,000 hour rule, there are still some lessons that can be gleaned from this study. Here are three ways that you can apply the 10,000 hour rule to your professional development. Train the right way: If you take the time to focus on your skills, you?ll surely see results. Make sure that you devote yourself entirely to learning the new skill. For example, a writer who?s trying to hit his daily word count probably shouldn?t do it with the television on in the background, as it will take away from his focus and reduce the quality of his work. Practice, practice, practice: Regardless of how much time you spend on a certain skill, you?ll be gaining valuable experience and improving it. Even if you only spend a couple hours a week here and there on learning about your chosen craft, your knowledge will undoubtedly grow and you?ll see at least some results. There are no limitations: It?s important to remember that there will always be ways to improve yourself and your skills. Even if you?re at the forefront of your chosen industry, there?s surely something else you can learn if you work hard at it. While it might be impossible to become an expert on a craft in a short period of time, if you focus on the right aspects of […]

The first of these, referred to by eBay as ?One Time Password,? takes the second factor of two-factor authentication and turns it into a single factor. Rather than requiring account holders to remember a password, eBay will send a confirmation code to a user via SMS, which will keep the user logged in indefinitely after using that code to log in, regardless of whether the code was entered on a mobile device or desktop solution. Additionally, eBay is hard at work to allow account authentication through the Touch ID sensor found in newer Apple devices–also replacing the need to remember a password for those who use Apple products. In response to questions regarding eBay?s motivations to implement such features for their users? account security, Senior Director for Identity and Member Communication Product Management Dave Comer stated: ?One Time Password and Touch ID Authentication eliminate the need to remember your password when you want access to the eBay Marketplace… We all use so many applications that require passwords and login information that it is impossible for users to remember them all. We want to eliminate the friction entirely.” While eBay?s reasoning does make sense, one has to wonder about the security of the transactions made by users with such features in place. After all, all it would take to become a victim of a financially motivated crime, or even a prank with ramifications far beyond the prankster?s expectations, would be for an employee to leave eBay open on an unlocked workstation. While remembering passwords may be difficult, that difficulty is ultimately to the user?s benefit, as a difficult-to-remember password is harder to guess, thereby being inherently more secure. The advancements eBay has proposed come with increased functionality for those who use Android Wear devices in conjunction with eBay. Android Wear users will soon be capable of receiving notifications to their wearable that direct them to items that may pique their interests, as well as read and respond to messages via their smart device. This, too, brings up questions in regard to account security. It has been consistently demonstrated that wearable devices are notoriously less secure than mobile ones, and even less so than desktop solutions. Therefore, unless eBay has implemented some serious security measures, these innovations may be wise to pass on until more evidence is available regarding their security–as is the case with any new developments from a large company. So what does this mean for small and medium-sized businesses? A whole lot, actually. Many SMBs are taking advantage of two-factor authentication by implementing security systems where the user?s smartphone receives a code when logging into the network. That way, it doesn?t just require a password to get access to your data, but access to that user?s mobile device as well. Plus, new physical security solutions like pin pads and smart door locks can now be unlocked directly with a registered employee?s smartphone. For more information and advice on how to handle network security in your own operations, be sure reach out to White Mountain IT Services at (603) 889-0800.