Recent Blog Posts
First Off, What’s a DDoS Attack?
DDoS stands for Distributed Denial of Service, and it specializes in overloading your network with more traffic than it can handle. Your business’ network can only handle so much traffic at a time, and when it receives too much, it shuts down entirely. It typically doesn’t need to process so many requests at a time, unless it’s under extenuating circumstances, like with a DDoS attack. Your server has its limits, and the DDoS attack exploits those limits. You have a finite amount of bandwidth with which to go about your business – bandwidth that is already being used by your communications infrastructure and Internet. DDoS attacks use the resources of countless infected computers, typically referred to as a “botnet,” to ping your network with so much traffic that it is forced to collapse under duress. In essence, the DDoS attacks literally “deny you service” by preventing you from accessing the tools and resources you need to go about your daily operations.

This is What Cloudflare Stopped
Cloudflare specializes in content delivery, along with SSL certificates and DDoS mitigation, so it stands to reason that they would have contingencies in place to put a halt to this attack. This particular attack reached a point where 26 million requests were being made each second, using only 5,607 infected Internet of Things devices across 121 countries.

There Are a Few Things You Should Do to Protect Your Business
We always, always recommend that you provide your team with a baseline understanding of network security issues, including password security, phishing awareness, and other best practices to prevent your devices from becoming a part of another botnet. You can also add and maintain a firewall to limit traffic into and out of your network. Of course, it’s not always this simple. You might also need to ensure that your firewall doesn’t fail.
Be sure to keep your systems updated and to keep a comprehensive DDoS response system in place with your business continuity plan. It also helps to use the cloud for more parts of your business operations. The cloud is generally better equipped to handle these types of attacks, as it has greater bandwidth to minimize the impact of DDoS attacks.

We Can Help You Put All This in Place
If this all sounds overwhelming, don’t worry – we’ve got your back. To learn more about how we can protect your business, reach out to us at (603) 889-0800.

What is a Network Bottleneck?
First, let’s provide a visual representation of a network bottleneck. Imagine that you have a bottle of water filled to the brim. You have the neck of the bottle at its top, limiting the amount of water that can pass through at any given moment. This is done so as to keep you from drenching yourself with your drink. In a similar way, a network bottleneck occurs when something is obstructing or constricting the network’s ability to transfer data efficiently. In other words, the network doesn’t have the capabilities to transfer data the way it should be, creating operational problems for your business. Network bottlenecks emerge when there are complications with the way a network is designed or configured, but they can also occur when a hardware failure occurs. To illustrate things in a different way, consider a highway with three lanes. Let’s say one of them is under construction and closed. The traffic that would normally flow through unimpeded is now slowed down considerably due to the shutdown. This is what can happen during a network bottleneck; the same amount of data cannot pass through effectively when there aren’t enough resources to handle it.

What Can You Do About It?
Without knowing what the cause of your network bottleneck is, you cannot address the root issues at hand. You can attempt to self-diagnose the problem by noticing where and when devices are having trouble accessing or sending data across your network. Generally speaking, replacing the necessary components or devices with more compatible ones, or adjusting the required settings, is often enough to resolve a network bottleneck. In some cases, network slowdown can have other causes, so we always recommend working with a professional to determine what the true cause of this slowdown is and if a bottleneck is occurring. It helps to proactively monitor your network traffic so you know what is regular and what is abnormal for your network.

Contact Us Today
If you suspect that your organization is suffering from a network bottleneck, we urge you to contact White Mountain IT Services for a comprehensive network audit. We can help to determine the cause of the bottleneck and the appropriate next steps to ensure that it is addressed in the correct manner. Whether you need to update your hardware or adjust some configurations on your switches, we will take care of the heavy lifting for you. This will help you focus on getting back to work and using your now-efficient network to run your business more optimally. To learn more about what we can do for your business, reach out to us at (603) 889-0800.

Breach Detection Methods
The first step is to build your system of breach detection methods. Because hackers and their malware aim to be invisible until they strike, it’s important to have a wide range of detection measures to identify when a breach – or the infection before the breach – occurs.

Network Monitoring
Network monitoring tracks all behavior across multiple systems ranging from CPU core temperature to network activity. Network monitoring allows you to track when hidden processes are using resources and unauthorized network access. Network monitoring is the channel through which all access data flows, and with expert interpretation, can reveal a breach as it happens.

Access and Control Management
Access and control management is the new method by which everyone with access is given minimum access. Each employee and customer can only open the files they specifically need. By tightly controlling access, you can then go on full-alert when unauthorized access occurs.

Virus Scanning
Naturally, your virus scanning software plays a role. Should a program try to download, install, or run with the clear traits of a computer virus, your traditional protective software should alert to the malware presence.

Human Suspicion
Sometimes, a staff member will bring a suspected hack to light. They may report an unusual computer activity or something unexpected in the data logs. Because humans work with the system every day, they can notice signs of an otherwise well-hidden hack. Make sure to have an available and encouraged channel for staff to send in cybersecurity suspicion reports for everything from phishing emails to unusual keystroke responses.

Who Should Be Alerted
Who should be told when one of your detection systems alerts on a possible data breach?

CIO or CTO
Your C-suite chief of information and/or technology in the company is likely high on the list of people who should be notified.
They will rally the troops and decide the right course of action for a breach response.

Network Administrator
Your lead administrator who handles the network and security of your business systems is often the first person flagged by automated breach detection methods. They are also in the best position to take immediate action for damage control and recovery.

Cybersecurity Specialist
If your team has a cybersecurity specialist, they may be first on the list of people alerted when a breach is detected or suspected.

IT & Security Agency
Many companies have an IT agency that supplies their network and cybersecurity support. If a breach is detected, they are likely already responding or will need to be the first called to take defensive action on behalf of the company.

Damage Minimization Measures
Make plans to swiftly minimize the damage of a data breach as soon as possible. The goal is to isolate the malware or hacker’s access to your system before eradicating the invasion, closing the breach, and recovering to an uncompromised state. This starts by protecting the rest of your network, endpoints, servers, and cloud assets from exposure.

Isolate Infected Systems or Files
Identify which files, data systems, or servers are infected and isolate them. With physical systems (and before the cloud) this might mean pulling the network cable so no other systems are infected. Isolation is more complex in modern business information systems, which will require a unique approach based […]

Why Backup Your Data with Office 365
Office 365 offers some great data protection, but it doesn’t actually provide for all personal data storage needs, and does not come close to all business data archiving needs. Why back up your data when working with Office 365?

Office 365 Backups Only Last 30 Days
The first and most important reason is that Office 365 only backs up data for 30 days, typically, or 90 days in some circumstances. This is a long time for collaboration, but not long at all for backups and archiving. 30 days means that you can’t restore backups or roll back changes made over 30 days ago. It also means that mistakes and accidental deletions that aren’t noticed for over 30 days are lost. There is no restoring data that Office 365 drops after 30 days. This includes version control from recent and old changes and the archives.

Working with Hybrid Storage
Hybrid storage is when you store some of your project assets in Office 365, and some on local computers or servers. This is very common for business usage where not all your data is used in Office 365 or you work with file types and editing software outside of Microsoft Office. If you are using hybrid storage, anything stored locally should also be backed up locally. After all, Office 365 can’t create cloud backups if your files aren’t within its duplicated file system. Likewise, if you set up OneDrive to back up a specific local folder, this can get tricky. Changes to the cloud folder and the local folder will need to sync, including deletions, which can result in lost data. In general, if you are working with a hybrid workflow with files inside and outside cloud syncing, then backing up everything is the best way to avoid data aberrations between the two file storage systems.

Compliance Archiving
Office 365’s backup system also does not prepare you for compliance archiving. Many regulations require a business to keep certain documents archived for potential audits in the future.
This includes things like payroll and certain employee records. Having these documents available and properly stored is essential, should they ever be needed. Every now and then, an audit will mean pulling out all of your archives for review. With Office 365 alone, there’s no guarantee that all those historical backups will still be available. Fortunately, there are other ways.

Landmark Version Control
You may also want to be able to roll back your projects to specific landmark points – before certain decisions and changes were made to the design and stages along the way. This is not doable with Office 365 temporary backups, but can easily be done by taking your own backups at landmark points in each project.

How to Backup Your Data Alongside Office 365
How can and should you handle data backups while working with Office 365?

Microsoft 365 Cloud Drive Backups
The best solution is to pair your cloud-based Office software with Microsoft’s cloud storage solution. Microsoft 365 is inheriting the system from Office 365 and also offers specialized Microsoft Cloud storage. From Microsoft 365 Backup, you can choose the amount of cloud storage you need and rely on Microsoft to keep the backups in your separate cloud storage readily available for […]

Restrict Access Based on Authorization and Location
The first step to safe sensitive data handling in the workplace is to restrict access. It’s probably true that only a handful of specific employees need direct access to a company’s stored sensitive data. Likewise, only a few processes and programs run on company computer systems might have a legitimate reason to directly access sensitive data. In many circumstances, there’s no need for sensitive data to ever be accessed or transported outside a physical space. So close all other points of access. Only give employee authorization to those who need access. Limit access only to specific monitored workstations inside the office. Or only permit a specific program with decryption codes to access the data under any circumstances.

Create a List of Approved Uses for Sensitive Data
What is sensitive data being used for in your company? For example, you would use a customer’s financial data to bill them and possibly to build analysis models for trend-spotting. You might use a customer’s home address to geo-target advertisements, or you might use a customer’s IP address to provide better local online services. But the number of things your company does with sensitive data can be written in a finite list. Determine all the approved uses of sensitive data inside the company and make that your White List. Prevent and ban all other uses of sensitive data and excuses to access it.

Prevent Unauthorized Copies of the Information
Copying sensitive data is a huge risk. Whether employees make a digital or printed copy or even jot down notes on a scratch pad, this is now sensitive information that could leave the secured and encrypted confines of the company. An employee with a copy of information can lose that copy in public or give it to another person who will misuse the sensitive data. So don’t allow copies unless through an approved data use process.
Prevent anyone from copy-pasting text, block digital file copies from being made without authorization, and do not allow printing by default.

Trigger Notifications When Sensitive Data is Accessed
One of the best ways to prevent accidents is with constant oversight. Create a log for routine and approved sensitive data access. And if any sensitive data is accessed outside of 100% expected conditions, then create a notification for the security admin. This quick heads-up that sensitive data is being accessed might be enough to detect and prevent a major breach. Any access to your servers containing sensitive information without the right authorization, decryption, timing, etc. will create a security incident that will need to be checked out and cleared. This concept is much like when Google alerts you to a new device login, just in case it’s a hacker in another state.

Automate Complete and Audited User Removal
A critical element of sensitive data security is data deletion. When a customer deletes their account or asks for data to be destroyed, it must be destroyed completely. This means removing all lingering sensitive, personal, and possibly public information about that account-user from your servers. No identifying information can remain when an account is closed. To do this, build a system of combined automation and auditing. Start with an automated clearing and complete deletion of all known information about […]