What are the Costs of Ransomware? Here?s the situation: in today?s increasingly connected world, cybercriminal activities can be conducted from essentially anywhere and target essentially anyone. It isn?t like the old-fashioned stick-?em-up robbery, where the criminal had to be present to commit the crime. Now, someone in Portugal could presumably rob the Federal Credit Union of Poughkeepsie without getting up out of their poltrona. One particularly effective tool that many cybercriminals will now use to do so is ransomware?a malware that encrypts a system and renders it effectively useless, only offering the user the means to pay the criminal responsible some fee in exchange for resumed access to their resources. Whether the cybercriminal holds up their end of the bargain is another, highly unlikely story. As we?ve said, we recommend that you never pay these attackers? but we do understand why you may feel that is your best option. After all, it seems like the fastest way out of a bad situation and when your business is hemorrhaging money due to downtime, you?re going to want to fix the situation as quickly as possible. This is precisely what the cybercriminals are counting on. Despite this, it really is a bad practice to pay for resumed access to your data for a number of reasons, not the least of which being the fact that you?ve no guarantee that your data will actually be returned and that the money you send will only fuel more attacks. However, that?s just the start of your problems, should you elect to pay up. Uncle Sam Wants to Dissuade Businesses with Different Tactics To try and discourage ransom payments, the Treasury Department is doubling down on the advice that the Federal Bureau of Investigation has been giving for years. Rather than simply discouraging businesses from paying, the Treasury Department has warned that the federal government could severely fine the businesses that pay out these ransoms for violating terms laid out by the Treasury?s Office of Foreign Assets Control. In their Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments, OFAC outlines how many cybercriminal groups?including the North Korean Lazarus Group, the Russian cybercriminal syndicate Evil Corp, and individuals tied to SamSam and Cryptolocker?operate out of regions that are already subject to economic sanctions, or have had sanctions levied against them. These sanctions make it a crime to make any transactions with them?including ransomware payments. After all, once that ransom is paid over, who’s to say that the money doesn?t wind up in the hands of some entity that poses a direct threat to security? Unless given a special license by the Treasury, a business that facilitates ransomware by paying up could not only see losses in the amount of the exorbitant ransom demands, but also in the fines that could be levied up to millions of dollars. Technically speaking, this advisory isn?t an outright ban on ransomware payments, per se. Instead, companies are encouraged to contact law enforcement to obtain clearance to pay the ransomware or to try to obtain an OFAC license to do so. However, these requests are more than likely to be denied. There is also no telling how much these policies will be enforced, but it is almost certainly wiser to take them at face value and act accordingly. Impact on the […]

How to Properly Design Your Backup Strategy To establish a data backup strategy that works effectively, there are a few different steps you need to undergo, in addition to the given requirements that implementing such a strategy will take. 1. Specify What Your Recovery Goals Are This one may be a little obvious on the surface, but deeper consideration makes it clearer how specific these specifications must be. Naturally, you want as much of your data and operations to be restored as possible, as quickly as possible, but it is important to put definitive objectives here. How much data do you need to restore to restart (to some level) your operations? How long can you sustain downtime before it becomes too much? Identifying this is crucial to your successful recovery? and your success at not joining the far-too-many businesses that fail within a year of a significant downtime event. 2. Train Your Team Secondly, having a backup is a great start, but you also need to know that your team can put it into action if need be. Backups are only useful when they can be implemented, and they can only be implemented if your team understands how to do so properly. Taking the time to train your team members to utilize the resources at their disposal?especially in this context?will only benefit your overall operations. 3. Build Your Procedures Once your goals are in place and your team is prepared to use the tools at their disposal, you need to make it an established practice for them to do so. While we are not suggesting that you encourage your team to make errors of any size, it will help to periodically run your employees through the processes that you have in place for data recovery purposes. Scheduling a test of your backup, and having your business run off of the backup will help you prepare for a real data loss event. Following these steps as you adopt your backup policies and procedures will only help to make them more effective. For even more assistance, turn to White Mountain IT Services. We?ll help you manage your business? IT, down to your backups and more. Find out what we can do for your operations by calling (603) 889-0800.

A Wireless Connection The Pros There is one obvious benefit to the wireless network: No wires! It is a big benefit not having to run cable, and being able to access resources anywhere within range on nearly any device makes a big difference. In giving your team access to network resources wirelessly, your business will be better suited for collaboration and enhanced productivity. What?s more, with a strong wireless network in place, you can promote some strategies that can work to improve your operational effectiveness. One of those strategies is a Bring Your Own Device (BYOD) policy. Many of your employees bring their smartphones with them when they come to work and if you don?t have a BYOD policy, they are absolutely a risk. By enacting a BYOD strategy, your staff firmly understands that while their phones can be a positive for the company, they can also be a problem and that the company has steps it can take if that negative reality comes to fruition.  The Cons With the convenience of a wireless network, the speed and security aren?t what they would be with a wired connection. You see, wireless connections are more vulnerable than wired ones. It?s easier for unauthorized individuals to hijack the signal of a wireless connection and can provide a third-party with access to the critical information that is transmitted wirelessly.  The Wired Connection The Pros When dealing with wired networks, IT administrators maintain a higher degree of control over what devices can connect to the network. This presents value is multiple ways, none more important than the degree of security wired connections promote.  Additionally, wired networks are usually much faster than wireless networks. This speed boost is magnified if there are walls, floors, ceilings, or any other potential interference to seeing optimal speeds over Wi-Fi. The Cons The biggest drawback to a wired Internet network is the act of wiring the network. The cost and time are higher than it would be to set up a wireless network, and it can also be a hindrance for maintenance if a cable fails or hardware has to be moved around due to business growth or restructuring.  Another detriment to the business is that a wired connection doesn?t allow for the type of mobility many businesses are looking for nowadays. With a wireless connection, meetings are faster, more to the point, and collaborative work can be fluid. If your business is looking to build a powerhouse wireless network, or if you prefer a wired network and need help networking your office, give the IT professionals at White Mountain IT Services a call at (603) 889-0800.

Balancing Employee Expectations With many employees demanding their small and medium-sized employers to enable mobile operations, this kind of mobility is swiftly becoming an essential need. Employees appreciate the convenience and accessibility of a smartphone, so in their eyes, implementing mobile functionality seems to be a no-brainer. However, the perspective of the business is a little different. While the convenience aspect is certainly appreciated, businesses will typically prioritize data security. However, if this security can be locked down, so to speak, mobility is likely to be embraced. Considerations to Account For Just as with any IT implementation or improvement, you need to mull over a few factors before you dive head first into mobilized solutions. These factors will include: Am I biting off more than I can chew? Or in other words, are you setting realistic goals for your business? Charging in with a comprehensive mobile implementation with no checks on device usage is a recipe for disaster. Instead of doing that, try to identify any issues you have that mobile functionality could help fix and design a tailored strategy to resolve them, specifically. While most mobile business tools are focused on collaboration and/or customer service, others are often introduced that could further expand these possibilities. Starting small and simple puts you in a better position to build upon these capabilities while maintaining control over your data. What do I need to do to keep my business secure? With additional devices suddenly seeking to access your network, multiple layers of security are going to be recommended. While passwords should always be required, it becomes even more important to encrypt your files against unwanted access. On a related note, you should also identify and implement solutions to encrypt data as it travels over the mobile network, as the security of these networks isn?t a sure thing. In addition to these precautions, you?ll want to both back up the data stored on these mobile systems and implement management solutions as a prerequisite to their use. That way, should a device go missing, you can wipe the device remotely to protect the data it contains. What will mobility mean for my business? Finally, you need to know how your team can use their mobile devices, and how that will impact your own infrastructure adjustments. For example, is your team able to access data that is hosted locally? Will any cloud systems need multi-factor authentication enabled? How able is your IT administrator to address any issues pertaining to mobile devices? In other words, in order to make mobility work in your business, you will need to have the right solutions and processes set up. For assistance with this and your other assorted IT needs, give our team a call at (603) 889-0800! White Mountain IT Services is here to help your business however we can.

VoIP, either hosted locally or in the cloud, can bring any business a solid ROI because you use a resource that your company already has in place, your Internet connection to send and receive calls.  Antiquated Strategies and Technologies If you?re still relying on the traditional telephone system of yesteryear, you could be making your job more difficult than it needs to be. Businesses that still use traditional telephone systems have limited ability to grow and expand. Adding new users can mean adding new telephone lines and extensions, a process that?s not necessarily easy. The most logical course of action is to figure out how your business can get away from traditional telephone providers. After all, these are the same organizations that are known to provide bundles filled with services you don?t need. Plus, running telephone wires and adding new users or phone numbers can be quite the hassle, one that you don?t have to worry about with a more dynamic solution. Get a Cutting-Edge Telephone System With great new features that put traditional telephony to shame, VoIP is a sustainable and investment-worthy technology for any business, small or large. VoIP uses your Internet connection rather than a traditional telephone line to function, giving any device with a VoIP application and an Internet connection the ability to work like a phone. Since VoIP only needs your Internet connection, you?re essentially eliminating mobile expenses from your budget. To learn more about how else your organization can benefit from VoIP, reach out to us at (603) 889-0800.