Recent Blog Posts

Ransomware: A Growing, Often Hidden Threat

Ransomware Not Just an Individual ProblemPerhaps you have known someone personally who had to deal with ransomware after clicking on the wrong link or downloading the wrong app. Perhaps you were one of the friends or family members they called frantically asking what to do. You might think that given proper security protocols it could not happen to your business, behind your corporate firewall. Unfortunately, ransomware is getting more clever by the day. Ransomware, a Hidden ProblemTrouble is, much like those pesky human viruses that only go stronger over time, ransomware continues to grow and learn. In large part, it certainly does not help that many companies choose to simply pay up, and that public companies are being especially targeted by custom malware, because attackers hope for big pay offs. To attackers, ransomware is a business. The more often they strike, the more attackers learn about what works – and what doesn’t – and the better invested they are in developing ever newer and better malware. Ransomware, the Zero Day Problem, and How to Deal with ItAs discussed in the Lincolnshire case above, the specific ransomware involved was Zero Day. This means the trojan virus was specifically created and targeted at this server so that it was unknown anywhere else in the world. Traditional antivirus software is powerless against such an intrusion, because traditional antivirus software is designed to look for specific code. Such software will not detect custom-created malware because such malware is unknown, as yet, in any database.Let us say your enterprise software is attacked by a custom-made virus and all you have in place is standard antivirus software. By the time the virus gets added to a database, it will be too late because you were ground zero. For this reason, you need additional protection ahead of time, security software which actively searches for suspicious activity as opposed to a specific, known malicious code, software such as System Watcher. System Watcher, or software like it, is necessary in an enterprise context, because you are more likely to be hit with a specific, targeted attack by an attacker who knows what they are doing. How to Respond to Ransomware?If you have been attacked by ransomware, or if you are filling out a risk assessment matrix in case you ever are, in either case we strongly encourage you to include security consultation as part of your response. Here is why. 1. You really do not know who is asking for money. If you are considering paying off attackers, bear in mind that you do not know who you are going to pay off or what they ultimately want. Perhaps it is a competitor who secretly wants to steal information from you and is looking to exploit your security by pretending to fix your problem. Before coming to any decision, please consult with outside security, someone who knows the business and can – at least – tell you who the attacker is and whether a pay off will make the problem go away. 2. Ransomware really can destroy data. Conversely, if you are hoping this attack is an empty threat, you may be tempted to ignore the threat and hope that after a time the DDOS attack (or however the ransomware is expressing itself) simply goes away when attackers see […]

The Advantages of Hosted Email are Significant For SMBs

One of the best ways to dodge these problems is by having your email hosted off-site by a managed service provider like White Mountain IT Services. Doing so affords your business plenty of benefits, and helps to free your business from the pains of maintaining your own technology solutions. What We Mean by Hosted EmailEmail hosting as a service is a great way for businesses to save money and to keep operations moving without comprehensive management on their part. In essence, your email server is hosted off-site in a secure data center and is managed and maintained by our professional IT technicians. The best part of a hosted email solution is that it?s crafted to your business?s specific needs, rather than it being an ?out of the box? solution. This means that you?ll have to spend less time making it work for you because it already does work for you. The Benefits of Hosted EmailYour business can gain a significant advantage by outsourcing the management of your email server to White Mountain IT Services. Here are three benefits of hosted email: Less time spent on maintenance and management: The most notable benefit is that your business no longer has to worry about keeping your email server operating properly. Since this responsibility is being handled by an external party, you?re free to use the time and resources on other initiatives that are more immediate and pressing. Flexibility and scalability: Another huge benefit of hosted email is that it?s scalable to suit the specific needs of your business. Not all organizations have the same needs, and as such, some will require less intensive email solutions. On the other hand, other organizations will need expansive and flexible solutions that are capable of adding users easily. Our hosted email solution has enough flexibility to fit into any business?s budget. Security and redundancy: Your business?s email is an important part of your IT infrastructure, and as such, hackers will try to take advantage of it in order to compromise your network. Spam campaigns and phishing emails are common occurrences that can break your infrastructure if left unchecked. Having your email hosted in a secure data center means that you?ll be less likely to experience hacking attacks. Plus, we also offer a comprehensive spam blocking solution which is designed to provide enterprise-level security to your network. White Mountain IT Services can help your business fully leverage not only email hosting, but also many other communications solutions. To learn more about hosted email, give us a call at (603) 889-0800.

Where You Store Your Data Makes a Big Difference

For example, storing your data locally has several benefits, but only if it?s done in an efficient manner. The same can be said for storing your data in a cloud; while it has valuable uses, this is only if you?re taking the correct approach to cloud computing. When to Store Data LocallyMany organizations will host their own data infrastructures in their internal network. This means that workstations that have access to the network will be able to access the information stored within. However, this also means that your workstations need to be physically connected to the server. This complicated cabling and networking can be cumbersome, but it also provides a relatively quick connection to your business?s internal data. Storing your data locally in-house allows you to implement security solutions that are designed to prevent threats from accessing your data, which is crucial for any small business. When to Store Data in the CloudA better question to ask would be, ?when is it not okay to store data in the cloud?? The cloud is one of the best ways you can deploy data to your entire organization without physically connecting all of your system?s workstations to a central data-holding server. With the cloud, any information stored can be shared and deployed via an Internet connection, allowing anyone with the correct permissions to view it. If you have data that needs to be accessed by many employees, then the cloud is the ideal way to store your data. Depending on the cloud solution you implement, you?ll have varied control over the security and deployment of your data. Businesses that relish this control will want a private cloud that?s either hosted in-house or through a managed service provider, while organizations that don?t need comprehensive control will appreciate the functionality of the public cloud. When to Store Data Off-SiteOff-site data storage is effective for a number of reasons. For one, off-site data storage is similar in nature to the cloud; your data is there, and it?s available when you need it most. It?s helpful to store backups of your data infrastructure in off-site data centers so that you can take advantage of them in the event of a data loss disaster, like a natural disaster or hacking incident. Backup and Disaster RecoveryThere?s a reason that so many great solutions rely on the cloud, and it?s because it allows for near instantaneous access to your business?s data. In particular, this is important for your data backup system. When you face a data loss disaster, you need to take quick action to ensure that you minimize downtime. With a backup and disaster recovery (BDR) solution from White Mountain IT Services, your data is immediately deployed to the BDR, which temporarily takes the place of your server in the event of a hardware failure or crippling disaster. This kind of convenience isn?t available without storing your data off site. For more information about data storage, the cloud, and BDR, give White Mountain IT Services a call at (603) 889-0800.

How to Enable AutoRecovery for the Microsoft Office Suite

Fortunately, Microsoft Word and other parts of the Office suite, like Excel and PowerPoint, all have the option to perform what?s called an AutoRecovery. By strategically taking advantage of AutoRecovery, you can reduce the risk of losing progress on a file. Enabling AutoRecover in OfficeBy default, AutoRecovery is enabled in Office. However, if for some reason it?s not enabled, you can manually turn it on. Go to File > Options > Save, and near the top you?ll see the option to Save AutoRecover information every x minutes. Right underneath, there will be another option, Keep the last autosaved version if I close without saving. Make sure that both of these boxes are checked, and enter in the number in the field for the first option. After that, all you have to do is click OK. Depending on whether or not you?ve saved the file you?re looking to auto recover, the next steps might vary. If you had saved a file, but you experienced a sudden power-down that led to unsaved changes, you have a chance to get them back. Open the file you were working on, then go to File > Info. Under Manage Document you should see the version that you?re looking for. Then, all you have to do is select Restore in the yellow bar at the top of the page, and your file will overwrite any previously saved versions. However, if you haven?t saved the file you were working on last, you have to follow a different procedure. Click File > Info > Manage Documents > Recover Unsaved Documents. If you?re working in Excel, you could select Recover Unsaved Workbooks, and in PowerPoint you can click Recover Unsaved Presentations. Once you select the file that you want to recover, click Open. Finally, in the yellow bar at the top of the screen, choose Save As; and remember to hit Save next time! Other SolutionsEven if Microsoft Office has built-in autosave features, your organization will still largely rely on other comprehensive data backup and disaster recovery measures. One of the best ways to approach your business?s backup and recovery needs is to implement a backup and disaster recovery solution (BDR) device from White Mountain IT Services. BDR not only takes rapid backups multiple times a day, but it also quickly deploys that data to your infrastructure for easy recovery. Furthermore, the BDR can act as a temporary server, so your productivity doesn?t skip a beat while you look for a replacement system. It?s the ultimate solution to destroy costly and frustrating downtime. For more information about Microsoft Office or BDR, give us a call at (603) 889-0800.

How to Avoid These 4 Common Social Engineering Scams

Social engineering attacks are highly dangerous, especially since they can come in many different shapes and forms. Hackers tend to appeal to human emotions that are easily exploitable, but the primary concern for social engineering hacks is the fact that these vulnerabilities can?t be patched or augmented with security solutions. The only thing keeping your data safe from social engineering hacks is how your team deals with them, and whether or not your employees are gullible enough to hand over sensitive information. Types of Social Engineering HacksThere are many ways that hackers can take advantage of end users. It?s important to keep in mind that social engineering hacks are almost always in the form of phishing attacks, which are targeted attempts designed to garner information from specific individuals. The following types of social engineering attacks are most common: Familiarity: Humans have relationships with other humans. It?s part of what makes us who we are. Hackers will use these relationships to lure users into a false sense of security, persuading users to hand over sensitive credentials. Information: Hackers will pose as reputable organizations, like banks, colleges, financial companies, and so on, in an attempt to get you to hand over personal information. These institutions will never ask for your credentials through an email, so if you receive a message that asks for information like this, you can identify it as a scam. Authority: Some users have reported receiving messages from government institutions or local authorities that they have been accused or found guilty of crimes, and that there?s a fine that must be paid. This appeals to the fear people have that they will get in trouble, and people tend to make irrational decisions when under the duress of fear. Consultation: In many cases, the user will be contacted by someone who claims to be a member of their company?s IT department. They might abuse their false identity to pull information from your employees. Since your employees are likely to trust your IT department, they?ll be more willing to hand over sensitive information. The best way to counter social engineering and phishing scams is to educate your staff on how to handle potentially dangerous situations. They should be educated in how to approach spam and suspicious phone calls. One particularly important detail that you should always emphasize to your staff is that important information, like Social Security numbers, credit card numbers, and other personal credentials typically won?t be requested via email. Another great method of discerning potential social engineering scams is by cross referencing phone numbers and email addresses with those you currently have on file. This helps you identify fakes before it?s too late. For more information on security best practices, White Mountain IT Services is always here to help. Just give us a call at (603) 889-0800 to learn more.