Zoom?s 90-Day Security Plan On April 1, 2020, Zoom announced that it had a 90-day plan to address the numerous security concerns and criticisms that had plagued many users. The crux of the issue was that Zoom links were commonly being shared on social media? effectively opening these meetings to anyone who could find that link. As a result, the concept of ?Zoombombing??unauthorized users hijacking meetings and sharing offensive content?was born. After numerous attacks were waged against organizations of all kinds, Zoom saw that it needed to make some changes. Therefore, on April 1st, the company announced that it would be pausing any new features to focus specifically on those related to the platform?s security. These include: Passwords are now required to access all meetings Waiting Rooms (a space where a meeting?s guests had to wait to be approved by the host) are enabled by default The default settings only enable the host to share their screen Furthermore, Zoom?s acquisition of Keybase has enabled them to incorporate end-to-end encryption. Other internal changes are also now in place including a bug bounty program, deeper penetration testing, and other security improvements. Some Brief Controversy However, Zoom has not escaped all criticism as it has made these changes. In June, CEO Eric Yuan shared that the end-to-end encryption feature would be exclusive to paying users. Once users and security advocates alike spoke out about this policy, Zoom quickly walked this policy back. While it is still rolling out this capacity, and it may interfere with some other features, Zoom is also actively planning for the future with its next improvements already planned out. So, is Zoom Safe to Use? Compared to where it was? Absolutely. However, you may still want to take what you plan on communicating into account when deciding whether to use Zoom for certain conversations, just to be safe. Erring on the side of caution is always the better option when your business communications are involved. Whatever your business? technology needs may be, White Mountain IT Services can help you find and implement the solutions to fulfill them. To learn more about what we have to offer, give us a call at (603) 889-0800 today.
Security Steps Let?s face it, your business? cybersecurity starts and ends with your staff. They need simple, practical directions to follow or they simply won?t pay any mind to it. You don?t want to be the business that deals with significant turnover because security tasks are so demanding that their employees would rather work elsewhere. You will want to take the time to go through every part of your IT and brainstorm potential problems. You will address situations such as: What qualifies as confidential data, when and how this data is to be shared, best practices and requirements for storage and access credentials How devices used for work are to be maintained and handled, which devices may be approved for use, how to get a device approved How employees are required to go about transferring data, remote work policies, threat reporting processes Understanding the potential problems your business faces can go a long way toward dictating where you need to invest capital on the security side. Prioritize Training Many businesses are still not training their employees even though up to 94 percent of all cyberthreats that come in are due to employee error, negligence, or sabotage. As a result, it?s extremely important to have a comprehensive security training platform in place. You need to teach your employees about phishing, about social engineering tactics, and about data care. Use Innovative Tools There are a lot of businesses that have a lot of security measures that they use to mitigate problems such as data theft, intrusion, and especially malware deployment. These solutions can be had in a comprehensive security suite that includes firewall, antivirus, content filtering, spam blocker and more. To learn more about the powerful security tools your business can implement to keep malware and other threats off your network, call the IT security experts at White Mountain IT Services today at (603) 889-0800.
The fact is that everyone has those devices that they use once in a great while, whether they?re for personal use or for professional purposes. Consider a video camera: for many individuals, it only comes out at birthdays or events, and oftentimes, the same can be said of those that businesses keep on hand. However, the batteries that power video cameras?and a great many other devices, for that matter?simply weren?t designed to sit idly by and go unused for long periods of time. The battery could see its life diminished, or even explode. With that in mind, consider how many rechargeable devices you have that you haven?t touched for some time, and the potential risk that?s just sitting there. How to Safely Store Rechargeable Devices Whenever these devices are to be stored for extended periods of time, the recommendation is to do so with them hovering at about 50 percent battery life. They should be taken out and refreshed once every three to six months and should always be kept someplace cool and dry. If the battery hasn?t been used in some time, make sure to double-check that it isn?t damaged before you try to use it. If it turns out to be time to dispose of it, you need to ensure that you are doing so properly. On the topic, devices like smartphones, laptops, and tablets follow a few different rules. These devices will only lose potential battery life after being completely expended and recharged around 500 times. Furthermore, they can be left plugged in without damaging the battery or contributing to the 500-recharge limit. Why Should a Business Care? We?ve already gone over the potential risk that all your personal devices could potentially pose. Now, take a moment to consider how many devices are stored in the office, and how much these devices could cost to replace. To avoid this expensive circumstance, you need to be sure that your technology is properly maintained so that you have it when you need it. It also doesn?t hurt to have somewhere to turn when it does need repairs or replacement. Turn to White Mountain IT Services and our team of experienced professionals. Find out what we can do to benefit your business? technology by calling (603) 889-0800.
Disadvantages of Mobile We all know the advantages of mobile devices, but what isn?t always discussed are the negatives of using mobile platforms for your business. Let?s start with security. Mobile devices are susceptible to many of the same problems that PCs can have. Users will visit scam websites and click on links and attachments that they shouldn?t be clicking on, jeopardizing the mobile device and any computer network it comes into contact with. Cybercriminals also work to intercept wireless communications and can steal data and gain access to secure accounts in this manner. These are not the only ways mobile can bring problems into your organization. Sometimes it can be a corrupted application that can be the culprit, and if mobile apps aren?t patched and updated, vulnerabilities in these platforms can give hackers the opportunity they need. There is no bigger problem with mobile devices than the fact that there are simply more endpoints to manage. An organization that once had 25 workstations, now has 25 workstations and 25 mobile devices to manage. Add in the consideration that most of the mobile devices that are being used for work belong to the user and not the company, with multiple operating systems to consider, and it creates a complex, often convoluted situation for IT admins. Bring Your Own Device Most businesses, especially SMBs, don?t have the available capital to outfit their whole workforce with company-owned mobile devices. Some will subsidize the purchase of one or pay the worker?s monthly bill, but by-in-large, the purchase of a mobile device is left to the user. As a result, most businesses today have had no choice but to make contingencies for their employees? smartphones. For a while, businesses tried to implement policies reducing smartphone use in the office, but over time it became clear that the more connected a worker is, the more likely they would be willing to do more work, more often. To support all these employee smartphones?and, to a lesser extent, wearable technology?businesses started implementing Bring Your Own Device (BYOD) policies. Instead of outlawing the use of mobile devices in the workplace, now users could bring their devices to work so long as they used them according to a set of rules created by the organization. Opting into the BYOD policy would allow employees to access certain company-hosted data and applications while granting the organization?s IT administrators access to the mobile device. Mobile Management Once the employee opts into the BYOD policy, mobile management begins. People tend to have bits of their entire lives on their phones, so opting into a platform that gives other people access to its contents is no small ask. Fortunately, there have been developments that provide some assurances to both the company and the mobile device?s owner, who likely forked over a couple of weeks? worth of pay to purchase that device. Today?s mobile management platforms are feature-rich, allowing administrators to manage the security of data and applications, manage access to company-hosted software and resources, track the device, remotely troubleshoot or wipe the device, and more. Additionally, for organizations that have to consider how their data moves to keep in line with any compliance regulations, a mobile device management platform provides assurances that employees aren?t playing fast and loose with sensitive information. Compliance standards like […]
Why Doesn?t IT Like Me? If you?ve read this far, chances are that you are what an IT professional would call an ?end user,? which is just someone who uses technology to accomplish their goals. Let me ask you something: how many end users would you assume have the same level of technology experience as an IT technician? Naturally, very few end users have this level of familiarity? otherwise, there wouldn?t be any need for the IT department. As a result, the end user is more susceptible to security issues and threats?the very things that IT is trying to minimize. Looking at it this way, it is understandable that IT might occasionally be frustrated. While we certainly know better than to try and make you an IT expert over the course of one blog, we can give you some advice to help you avoid such issues and thereby give your IT resource a bit of a break. This is a win-win, because the less time an IT professional spends cleaning up messes, the more time they can spend improving your business processes. Seeing as it is currently Cybersecurity Month, let?s review a few troublesome tendencies that the average end user slips into that could create issues so that these habits can be broken. Clicking on Everything Links are a funny thing. If I were to include a link in this blog, there?s a fair chance that you might automatically click through it out of habit. Even if I expressly told you not to click through it, many end users would click through it anyways. Let?s test this theory. The danger here is simple: cybercriminals know how tempting it can be to click on a link, how automatically so many of us tend to do so. This is why the use of misleading links is such a major part of a phishing strategy?basically, the ?made you look? of cybercrime. Rather than bringing you to the page you anticipated, a phishing attack might install malware, or create a fraudulent lookalike page to steal whatever data you input. One of your users falling for a phishing attack is all it could take for a cybercriminal to bypass your network security, so it is important that your team knows why clicking links is more dangerous than they would expect. Make sure that, before clicking, your team members hover their cursors over any links to confirm where they will go, and when in doubt, to not click. Installing Unapproved Software Similarly, the ?Install? button can be very tempting for an end user. The problem? That helpful-looking online application or browser add-on could easily subject your network to compatibility issues and security threats. Considering this, you should insist that?unless a program is sourced from an operating system?s official marketplace, or your IT department has already vetted it?a user should never install anything. Ideally, they wouldn?t install it anyways, relying on IT to properly supply and configure the solutions needed for the job. Poor Password Hygiene Few other best practices are as frustrating for an IT technician to repeat as the guidelines for proper password creation and management. As the current standard in identity authentication, it is beyond important for you and your users to comply with assorted password rules and requirements, such as: Using a different […]