Let’s explore how this may be changing in the near future. The Projections for the IoT With 127 new IoT devices connected to the Internet each second, it should come as no surprise that estimates place their numbers at around 75 billion in total by 2025. This means that there are plenty of new opportunities for a cybercriminal to find and exploit a vulnerability? both in commercial IoT devices and in the devices classified as the Industrial Internet of Things. There are already too many examples of how Internet-connected devices have been used to a hacker’s advantage. In 2017, the UK’s National Health Service was hobbled by a ransomware attack that affected, amongst other things, Internet-connected medical equipment. Video doorbells often stream data without any protections, and other smart home devices have been found to store Wi-Fi passwords in a similar fashion.  As the IoT continues to grow, it only stands to reason that efforts to take advantage of such weaknesses will increase along with it. What Can Be Done to Secure the IoT? Fortunately, things are already in motion to help ensure the IoT is made to be more secure. For example, the signing of the Internet of Things Cybersecurity Improvement Act of 2020 in the US and the Australian government’s introduction of an IoT industry-specific voluntary code of practice shows that governments are starting to pay attention to the issues that the IoT has the potential to open up. However, this doesn’t mean that businesses can sit back and relax. On the contrary, there are a few things that a business can and should do to help mitigate IoT-based attacks: Encrypt Data There are relatively few IoT devices out there today that feature encryption as one of their standard security protocols. Implementing encryption on a network level makes it so that your data is effectively indecipherable while in transit, rendering it more or less worthless to the cybercriminal targeting it. Change Default Passwords on IoT Devices Of course, ALL default passwords should always be changed, but the IoT makes this an even more important practice for a business. Take the few moments required to come up with a more secure password than the device is equipped with initially. Use Devices from Security-Conscious Manufacturers One other way your business and your users can help make a change while protecting your own assets is to try to deal exclusively with devices manufactured by companies that take a security-first approach. Voting with your dollars can quickly make a change if enough people do it. Otherwise, it may be wiser to stick with the “dumb” option if it serves your needs just as well. There is little doubt that the IoT will have an increased presence in modern life in the years to come. Time will only tell if that presence is a secure one. In the meantime, you can trust us to help you ensure that your business is as secure as possible. Give us a call at (603) 889-0800 to find out what we can do for you and your operations.

It should be mentioned, first off, that monitoring employee activity is nothing new. Businesses have been monitoring their in-house networks since they gained the ability to do so. This is usually done not out of a need to spy on employees or guarantee productivity, but as a security means to make sure workers are not doing anything that puts the organization or its network at risk. However, this hasn?t stopped some employers from going too far with this practice, and there is some debate over what exactly ?too far? is. Throughout the COVID-19 pandemic, there has been a significant increase in both remote work and monitoring of employees while performing said remote work. Employers simply want to know how employees are using their time. For an example of how these numbers looked before the pandemic and during the pandemic, let?s take a look at research performed by Opinium. According to a survey of 2,400 employees, 32 percent of employees are being monitored at their jobs as of October. The numbers in April were 24 percent, showing a significant increase. Furthermore, according to HR departments, employee monitoring is far more prevalent than those numbers showcase. Respondents in HR and IT both indicated that monitoring is currently happening within their organizations at 69 percent and 63 percent respectively. So, it is safe to say that the majority of employees are being monitored in some way, whether they know it or not. This creates issues of trust and transparency within organizations, both of which can be hard to get over to work towards a common goal.  How you monitor your employees is none of our business, but we do think it is important that you are monitoring your network, especially to aid in network security. If you would rather take a hands-off approach to monitoring your network so that your employees don?t villainize you, then White Mountain IT Services can help by assisting you with monitoring services and solution implementation. We can discreetly keep an eye on your infrastructure and keep it safe, even from your own employees. To learn more about comprehensive our remote monitoring services, give us a call at (603) 889-0800.

Let?s go through a quick review of what ransomware is, and then what needs to be done to resist it successfully. What is Ransomware: A Review Ransomware?the malware that locks down a system until a monetary sum is paid?has been around for a few years, and during that time has expanded and grown in its capabilities. It?s also remained a popular form of cyberattack, with Trend Micro reporting that 84 (that?s 8-4) percent of organizations experienced either phishing or ransomware in the past year? and if we?re being honest, the two often go hand in hand. There are also dozens of new innovations present in modern ransomware strains, with more and more tricky ways to get past a company?s defenses. Now, instead of just phishing their victims into installing their malicious payload, hackers who use ransomware now twist the knife a little (or a lot) more by threatening to leak data if a ransom isn?t paid. Some enterprising cybercriminals offer RaaS?Ransomware-as-a-Service?to those who want someone to hurt, and are willing to pay to make it happen. Ransomware has become so notorious and even normalized that some attackers have found success by simply claiming to have infected a victim?s PC, bluffing their way to a hefty ransom payment. Clearly, ransomware is an issue that is not going away anytime soon, which means that businesses need to be prepared to deal with it effectively. What to Do to Face Down Ransomware This is one topic that has gotten far more complicated as time has passed, simply because of the innovations we described above. Not all that long ago, our best advice (should one find themselves infected) was to make sure they always kept a backup so they could refuse to pay the ransom and simply restore their data infrastructure after the fact. Now, the double extortion method (exfiltrating data, and then threatening to leak it unless the affiliated company pays a second ransom after they?ve unlocked their systems) makes it dangerous to even do that. While we will always recommend that a business keep a comprehensive and redundant data backup for the sake of data continuity in general, a backup can no longer be seen as the de facto insurance against ransomware. This makes it even more important that a business do everything possible to keep ransomware out in the first place. Let?s go over what this will take: Keeping Defenses Up-to-Date Even basic firewalls and antivirus programs do a pretty darn good job of filtering out ransomware attempts, so it is important that you put in the effort to keep these protections?as well as all of your systems?as up-to-date as possible. This includes keeping track of any patches that are released for your chosen solutions and promptly applying them. More advanced protections are also advisable, such as those that monitor your systems and the programs installed on them for suspicious activity. This is particularly advisable where your email comes into play. If possible, have your IT resource configure your email gateway to scan ZIP attachments and block executable files. In short, the fewer ransomware attempts your team needs to deal with personally, the less likely it is that they?ll slip up. Educating and Evaluating Users While we?re on the topic, however, it is important that your team is on their guard […]

Off-site operations involve your business keeping itself operational even if it is forced to function without your office, be it fully remote through your employees? home offices or through a temporary office setup. There are two categories that should be addressed for your off-site plan to work: technology requirements and space requirements. Let?s consider them both. Technology Requirements One of the biggest challenges of any off-site operations plan is technology and making sure that all resources are accessible to those who need them. If a disaster ever destroys your infrastructure, you?ll also want to have data backup and disaster recovery implemented. Most backup solutions let you restore data directly to the device itself, meaning that there is minimal downtime in the event of a disaster and the recovery process can start immediately. However, you also need to take measures to ensure your team also has access to these resources, such as the hardware requirements (like laptops, smartphones, etc.) and the software solutions that utilize them (through the cloud, for example). Other solutions to consider include communications applications and productivity software. Space Requirements Modern technology has given businesses so many options to complete work, along with the tools that allow for it. Off-site locations can, again, include your employees? home offices, like if they were working remotely, or a temporary office setup similar to a satellite location. In either case, you will have to make sure that your employees have access to it so they can work during these difficult times. While a satellite office or temporary office does have its merits, remote work is cheaper and more cost-effective, and there are many benefits to reap from this as well, like the low comparative cost to set up; all you need to do is make sure your team has access to the tools and technology needed to get their work done. If your business needs help with planning for remote operations, White Mountain IT Services can help. To learn more, reach out to us at (603) 889-0800.

First Off: Yes, Overwork is an Issue There are a lot of workplace challenges that remote work has brought to light beyond overwork, many of which are too deep and divisive to really broach into here?including wage inequality and racial imbalances in the workplace, for instance. However, while these issues can be too much of a challenge for us to properly address in this format, the one that overwork presents is different. Overwork can have significant impacts on the welfare of a business? employees in many different ways. Employees can feel fatigued, anxious, and experience a variety of other physical symptoms like headache, pain, and vision problems. In addition to this, it can wreak havoc upon interpersonal relationships? and all of this is for nothing because overworking can actually diminish a person?s productivity due to their increased fatigue and depressed performance. This all exacerbated when the pandemic forced more businesses than ever into remote work practices, with a far larger number of people suffering from the emotional stress and pressure that remote work can lead to. So? what can be done about overworking, even when the work is being done remotely? How to Help Diminish Remote Overwork While you obviously can?t go to each remote worker?s house and check in on them, there are a few policies that can help decrease overworking in general?helping to reduce the phenomenon in-house and remotely at the same time. 1. Support the Use of a Schedule ?and not just a schedule dictating work hours, either. Establishing a workday routine that starts when one gets up and ends when one goes to bed (not just one that lays out the time spent actively working) can help immensely, as it generates a habit of starting and ending work at consistent (and appropriate) times. This consistent schedule will help reinforce the limits you want the workday to have. 2. Use Time Tracking Tools Time tracking is another great way to help keep your team from overworking, as they?ll have a reference to where they are in the day in terms of their tasks. Plus, with a visual reminder of what they have on their plate already, your team members will be that much more cognizant of their limits. White Mountain IT Services can help you acquire these tools, so don?t hesitate to reach out. 3. Encourage Your Team to Speak Up Finally, you need to empower your team to let you know when their work requirements are starting to overcome them. If they are feeling overburdened and afraid to say no to additional tasks, they?ll be more likely to take on more and more and dig themselves a deeper hole. Make sure they know that they can approach you about these concerns before they get to that point. From the tools that your team uses to work, to those that help you manage when your team does its work, White Mountain IT Services is here to help you put them to use. Give us a call at (603) 889-0800 to learn more.