Recent Blog Posts

Know Thy Enemy: Warning Signs of Phishing

Four Variables of Phishing Before we outline the four things you should be looking for to identify a phishing message, we wanted to say that these attacks can happen over any type of communication. You can just as easily be phished over the phone or through the mail as you can over email or through instant message. Most phishing messages are delivered through email, but they can come from any direction.  Let?s go through four variables of a phishing message: #1 – There is a Real Sense of Urgency While a lot of the messages that we get in business are demanding, there is something extraordinary about a phishing message. Essentially, phishing messages will urge the reader to take immediate action. This action could be in the form of clicking on links, downloading attachments, or giving over credentials that the hacker will then use to infiltrate organizational computing networks and steal data, deploy malware, or other negative situations.   #2 – Poor Grammar and Spelling Many of these messages are created with the notion that the reader will be fooled by the overall legitimacy of the message. Many times they are sent as being from financial institutions or insurance companies. Typically, however, there are signs within the message itself that can signal its illegitimacy. Variables like misspelled words, poor use of grammar, and other red flags can tip users that the message is not legitimate.  #3 – The Domain Is Not Right When someone sends an official email from a business, typically the domain name of the email address that is sending the email will represent the organization that the message is coming from. If the address doesn?t come from the organization that is sending the message, that is a giant red flag. Most reputable organizations pay good money to host their own domain and if the address you are getting a message from doesn?t represent that, you have to believe that it is a scam.  #4 – Suspicious Aura of the Message You know the type of messages that you typically get. If a message you receive doesn?t meet the criteria of ?normal? you, at the very least, need to verify with the presumed sender of the message that it is legitimate. If it feels off, it probably is. Make sure you get this confirmation through a different means of communication. Phishing messages are the most common way that hackers gain access to systems and deliver malware. As a result, you need to make sure that your staff is thoroughly trained on what variables to look for so they don?t put your whole organization in danger. For more information about phishing or to get some help implementing a training strategy at your place of business, give the IT professionals at White Mountain IT Services a call today at (603) 889-0800.

Could the Blockchain Someday Make Business Data More Secure?

First, Let?s Review What Blockchain Is Blockchain technology, also known as distributed ledger technology, is a method of computing where an entire P2P network of computer systems?thousands of computers in total?share the responsibility for storing data. Every process or transaction is recorded by every participating system?s ledger, creating a decentralized and implicitly trustworthy chain of immutable records. This Decentralized Nature is Key to the Idea of Improved Security The concept of this idea is as follows: Centralized servers are the keystone to many, many organizations? infrastructure strategies. Naturally, any of these organizations could be targeted by cybercrime, whether that?s through a phishing attack, a Distributed Denial of Service attack, whatever the perpetrator has determined to use. With the blockchain in play, however, the person or group attempting the hack has a much higher bar to clear. Instead of just attacking one server, the attacker now has to get control over effectively the entire blockchain in order to do anything. Otherwise, the rest of the blockchain will see the change in the attacked node?s ledger and reject it?blocking an attacker?s attempt to exfiltrate data. So, with it laid out in language like this, what do you think? Could this potentially be the next big thing in blockchain? We?d be interested in finding out, that?s for sure. However, this is all still a hypothetical, posed by Internet privacy advocate Jenelle Fulton-Brown, a security architect based in Toronto. In the meantime, White Mountain IT Services can help outfit your business with the best cybersecurity infrastructure available to New Hampshire businesses, while also helping to educate your team on the behaviors they need to follow to keep your business safe. Give us a call at (603) 889-0800 to learn more.

Data Backup Truly Protects a Business

The ?Disaster? Every disaster doesn?t need to ruin your workplace. Sure, you might be the victim of an ?act of God? like a fire or a flood, but the reality is that most of the time, if you lose data, it is the result of something a little more subtle. There?s nothing subtle about millions of gallons of water seeping up from the ground and overtaking your workspace, of course, but there is when a component on your seven-year-old server fails and you are left without all the data and applications that it hosts.  The point is that disasters come in all shapes and sizes, and if your business isn?t ready for every single one of them, chances are that it will be the one you aren?t ready for that you will be hit with. Let?s go through some of the considerations you will have to make when strategizing your data recovery platform and how recovery impacts businesses. SMBs and Data Loss It has been proven that small and medium-sized businesses (SMBs) are the companies hurt the most by data loss. Larger businesses typically have the means to build their data redundancy and the ability to recover this data when needed. Smaller companies don?t have that luxury, so it is important to realize just how important data backup and recovery are. 60 percent of SMBs will shut down within six months if they have a dramatic data loss incident, so it is a situation that needs immediate attention. Here are some tips to help you build a more robust backup and recovery strategy. Recovery Planning out data recovery is crucial. If you were to have a backup plan and you end up losing data with no plan on how to recover it, you could have a problem maintaining business continuity. You can use a service (like our BDR) or there is software you can use that will help you manage your backup and recovery processes yourself, but make sure you have an idea of how your business can get back up and running quickest and then prioritize that strategy. With so many threats out there to your business? computing, having a backup plan that works to get you back up and running quickly is important.  Testing Backups Not only should you concoct a consistent backup schedule, you should always test your backups to ensure that they are working properly. Nothing is worse for a small business than having to go through a data loss disaster and have a backup in place that wasn?t working for days or weeks. Be sure to log your tests so that any IT administrator can know when data was backed up and how to recover it should the need arise.  3-2-1 The 3-2-1 rule is a policy that builds stable redundancy of a company?s data and computing assets. Essentially, the business keeps three copies of data, two of which are kept onsite, with one copy stored offsite. We suggest the offsite storage be in the cloud, as with our backup and disaster recovery (BDR) service, but it can be as simple as taking a hard drive with your backed-up data offsite when you leave for the day. Either way, having three copies of your data can go a long way toward building data security. Leave […]

Modern Businesses Need Modern Tech Support

Let?s dive into what managed IT services cover, as well as the benefits that this coverage provides to your business. What Do Managed Services Entail? In simple terms, managed services are meant to cover any IT needs your business experiences, whether that?s helping to fulfill a few tasks that your internal IT employees can?t realistically get to in the time they have or by serving as the IT department itself. By supplementing whatever resources you already have, the managed service provider helps you to accomplish more with your technology. This can take any of many forms?and most businesses that work with an MSP likely use a few of them?-including: Support services Hardware and software procurement Network administration and maintenance Backup, disaster recovery, and business continuity Cybersecurity Cloud computing and related services Communications Compliance needs In short, the blanket of ?managed services? has the potential to cover quite a bit?and there are additional benefits that come with it as well. How Managed Services Assist Small and Medium-Sized Businesses The MSP can make a big difference for the SMB. Let?s take a look at a few benefits the MSP will bring:  Managed Services Allow Your Team to Focus on Their Priorities When your IT team is stuck chasing after support issues, there?s only so much that they can do to further your business? technology strategy. The reverse is true as well?too much focus on advancement can lead to support needs piling up. Working with an MSP helps to eliminate these imbalances, giving your team the opportunity to accomplish more. Managed Services Help You Consolidate and Reduce Costs Employing people is expensive. In addition to salary and benefits, there are all the costs associated with advertising the position, interviewing candidates, and other investments needed, often to gain one more set of hands or a single mind to help. Compare this to what working with an MSP provides for a set monthly cost: an entire team of skilled IT professionals assisting your existing team. Managed Services Give You Access to Additional Skills A good MSP is motivated to ensure that the people they have assisting you are as capable as possible. This means that we are incentivized to encourage our team members to improve upon their skills and certifications. Plus, working with us might give your employees enough leeway to invest more time in their own continuing education. Give Us a Call Take Advantage of these Benefits for Yourself White Mountain IT Services can step in to boost your business? technology and use thereof. Give us a call at (603) 889-0800 to learn more.

The Reality Is That You Could Know More About Cybersecurity, Part 1

Data Breaches and Hacks Are Not Ideal The last thing you want to deal with is a data breach, as it could set off a chain of events which could be potentially catastrophic for your organization. It could derail operations, ruin your reputation, and subject you to expensive fines that could cripple your budget for the foreseeable future. The best thing you can do is be educated about security, as even a baseline level of knowledge is more than enough to make a difference. Let?s go over the three-step process you can use to secure your business. It All Starts with Training Comprehensive cybersecurity starts with you and runs through the chain of command down to your employees. Training is a great way to make sure that everyone stays informed on security best practices and expectations. There are two major components that you?ll need to focus your training on: password security and phishing attacks. Password Security Most accounts require passwords, but not just any passwords. You should prepare your accounts with those that are complex and hard to guess, but they also need to be easy enough to remember, for your own sake. Teaching your employees this becomes crucial, but it?s easier said than done. We recommend you set up passphrases to get the most security out of passwords while retaining the ease of use. Passphrases are the next-best option compared to a password manager, which we will discuss next week. Passphrases consist of words that don?t normally go together, mixed in with letters, numbers, and symbols, to create a complex password that is much less likely to be guessed. Phishing Attacks Additionally, your team should be prepared for how to identify and respond to phishing attempts, as they are responsible for the vast majority of cyberattacks. This is primarily due to most business tools using encryption, meaning the only way to break into a system is to trick someone into giving you access somehow. Social engineering tactics are often leveraged against employees to convince them to inadvertently hand over their credentials, providing access to a system. Hackers might send suspicious messages under the guise of someone else, urging individuals to take immediate action in a situation they don’t fully understand. If the hacker successfully tricks the user, they will have easy access to a network or network-attached account. Here are some of the things that people need to look out for: Messages from people/addresses employees don?t recognize demanding they take immediate action. Strange grammatical mistakes that wouldn?t normally be in a piece of official correspondence. Directions to click on suspicious links or open attachments. Phishing attacks can be remarkably sophisticated and can often appear to come from someone within your organization, a family member, or authority figure. Be sure to encourage your team to always follow up in the event they receive an email or message about this. It could save you from a lot of headaches moving forward. Next week, we will address some of the ideal tools and strategies you need to resolve the issues outlined in today?s blog. In the meantime, we urge you to contact us at (603) 889-0800 for any and all security-related concerns.