By the way, the following would all apply to the office as well. So, don?t hesitate to use some of these tricks in the workplace. Elevated, Centralized Placement For your business to use the Internet wirelessly, your router needs to be able to get the signal to every device used in your day-to-day processes. This means that the signal should have as unobstructed a path as possible to, once again, every device. To accomplish this, it helps to avoid as many obstacles to the signal as possible. While not all obstacles can be avoided, you should make sure that you eliminate as many as possible. One great way of doing so is to strategically place your router in a centralized place in your business, elevated above most barriers. This will help keep your coverage relatively consistent throughout the workspace. Keep It Away from Clutter On a related note, these signals can be blocked by obstacles of all sizes. So, while placing the router on top of a cabinet in the middle of the office will keep Rob?s desk from blocking the signal, stacking extra supplies around it will create just as much difficulty. Other devices and even wires can seriously disrupt the wireless connection. Try to keep the area around your router relatively clear. Not only will this help preserve a stable signal, it will help keep heat from building up there and causing other problems with your equipment down the line. Augment with Extenders, or a Second Router Let?s say that router placement or clutter isn?t so much the problem, and it?s more of a problem of scope? your router just doesn?t get the signal to all of your employees, or the number of employees you have just clogs up the signal. There are a few ways to potentially fix these issues. First, you could extend the range of your Wi-Fi signal using signal extenders. If you need to make more connections, you can add an additional router to your network as well. White Mountain IT Services is here to assist you with your IT, from building the infrastructure that meets your needs to yes, helping you set up your wireless network. Give us a call at (603) 889-0800 to learn more about what we can do for you, and make sure you subscribe to our blog for more handy IT tips.

Warnings from Federal Agencies The issue of voice phishing is currently being pressed by the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency alike. Vishing is the same as any other phishing attack, just conducted through a voice call instead of an email or other form of message. These agencies have announced that cybercriminals have begun a vishing campaign, directed toward those that are working from home. By extracting login credentials for corporate networks, these criminals can turn a profit by selling access to other cybercriminals. The Vishing Strategy According to the FBI and CISA, cybercrime groups have registered facsimile domains to mimic legitimate company resources before developing phishing sites to live on these fake domains. These domains commonly had a structure like the following: support-[company] ticket [company] employee-[company] [company]-support If someone were to visit these pages, they would find a page that looked very much like a company?s login page to their virtual private network?so as a result, if someone were to input their credentials, the cybercriminal would then have the means to access the business? network. These pages can even capture multi-factor authentication measures. Once these pages are completed, the criminal groups responsible then begin to research a company?s employees to build a profile on them. Names, addresses, phone numbers, workplace titles, and how even how long an employee has even been employed at a company are all included in these dossiers. Then, using random or spoofed VoIP numbers, hackers call these employees and swiftly gain their trust. Once this trust is acquired, the attacker directs the targeted employee to the spoofed VPN page. Quicker than you can say ?social engineering?, the hacker can then access the legitimate account. From there, the attacker is free to do as they please?collecting data on other employees and contacts to take advantage of or extracting other data for financial gain. With attackers now directing these vishing scams toward remote workers, it is more important than ever that your team understands how they can identify phishing scams Identifying Scams Be suspicious of unsolicited messages?including calls and voicemails?from those you don?t know. If possible, verify their identity through another means to ensure that they are legitimate. Keep track of the number that any suspected vishing messages come from, as well as the Internet domain you were directed to. Don?t visit a website on a whim after a caller directs you to it, unless you have reason to believe it is legitimate. For more assistance with your business? security, reach out to the IT pros at White Mountain IT Services. Give us a call at (603) 889-0800 to start a conversation.

Managed IT Services It?s true that many businesses that are looking to cut back on their expenses have already moved over to a managed service provider (MSP) in order to reduce their IT support costs. Many of today?s businesses depend on their technology, and one of the best ways to cut back on your IT-related expenses is to outsource some or all of the management. Your business has probably committed to a certain level of productivity, and more than likely COVID-19 has reconfigured those expectations. When your staff was laid off or working remotely, you may have seen the effect it has on your bottom line already, but more likely as things return to ?normal? you will see revenues hindered from all types of outside factors and the productivity of your staff may not be your biggest concern. It may be keeping people employed. Unfortunately, in today?s austere business climate, that may not be possible. By outsourcing your IT management and support to an MSP, you can get the comprehensive IT support your business needs, while reducing your technology-related expenses dramatically. IT services providers excel in keeping downtime to a minimum by constantly monitoring and actively managing all supported technology to ensure that problems are mitigated and downtime is left to a minimum. Additionally, MSPs provide around-the-clock IT support for all of your staff through our help desk.  When looking to cut costs, maintain support, and still get the IT support your business demands, choosing the right MSP will go a long way toward keeping your IT working for your staff and not the other way around.  Migrate to the Cloud Another service model that can reduce upfront costs is to migrate internal IT over to the cloud. This goes double for companies that were looking to spend this year?s IT budget on a new hardware refresh. Since committing to large investment is not a prudent strategy right now, utilizing the cloud for new operational strategies might be just what you need to stem the tide until your company can afford that new server.  Think about it: consider that a hardware replacement could come with a five-to-six figure price tag (depending on the size of your company), paying for the computing that your company uses in the cloud can be a great short-term sacrifice that will allow you to get through lean times with more of your business? technology intact.  Committing to Security With so many businesses using hosted solutions, there is a concern that it will make information systems less secure. It?s for this reason that prioritizing your physical, network, and cybersecurity strategies has to be a priority.  Physical security – Your business? physical security always has to be a priority, and in recessionary times, that priority is heightened. Digital camera systems, access control, and secure authentication systems are important when you need to monitor, control, and protect your business? assets.  Network security – Ensuring that you have the protections needed to detect intrusion and eliminate threats will go a long way toward ensuring your internal IT continues functioning proficiently.  Cybersecurity – Protecting your remote endpoints and having a mobile security plan are important to ensure that your cybersecurity is maintained. You will also want to properly train your staff on the myriad of cybersecurity threats that could decimate […]

Take, for instance, Microsoft. But First? What is Passwordless Authentication? Passwordless authentication is precisely what it sounds like. Instead of requiring a person to authenticate their identity by inputting a predetermined passcode, passwordless authentication looks to other measures to confirm validity. Does the user have access to a verification application? Do they possess a security token? Do their biometrics match the reference data? Have they already been authenticated by another service or application? If your phone unlocks when it recognizes your face or fingerprint, you?ve used passwordless authentication before, or if you?ve received an access code via text message or email. While not all forms of passwordless authentication are equally secure, they generally resist the weaknesses that the traditional password is prone to: Insufficient strength, making brute-force attempts much simpler for cybercriminals Without a password, users cannot reuse passwords across different accounts Brute force attacks require a password to be present to work, which passwordless authentication negates The Benefits of Passwordless Authentication Cost Efficacy Passwords can be shockingly expensive to maintain. Forrester Research has estimated that each password reset costs the company $70, finding that large organizations spent $1 million in staffing and infrastructure alone to handle them in 2018. However, if there is no password to reset, there will be no cost associated with resetting it. Improved Convenience in the User Experience When the average user nowadays is expected to remember literally dozens of passwords, there?s little wonder that so many users resort to just picking one and recycling it over and over. From the user?s perspective, it?s more convenient, which means they can access what they need and get down to business more efficiently. Of course, this doesn?t encompass the full reality of the situation. Therefore, to ensure that your security is maintained, it makes sense to make the most secure option the most convenient one as well. Passwordless authentication removes all the pressure of remembering all those credentials. As a result, your employees will both be under less stress and in a position to securely work towards your organizational goals. Security Finally, and most crucially, passwordless authentication is safer. Think about it: cybercriminals are targeting the human element more and more frequently as they leverage their attacks. Phishing is a common means for a cybercriminal to gain access to your business? data, and there are plenty of other attacks that target your authentication measures anyways, like credential stuffing and brute force attacks. Each of these attacks relies on a set, concrete password being the key to the castle, so passwordless authentication measures can minimize the threat they pose. Reasons like these are why Microsoft is putting so much effort into passwordless technologies. What Microsoft is Doing with Passwordless Authentication In no uncertain terms, quite a bit. In addition to 150 million consumer and enterprise accounts using passwordless authentication measures as of May 2020, Microsoft itself has effectively made an internal transition to passwordless. Up to 90 percent of their own 150 thousand employees have opted into passwordless authentications?saving Microsoft 80 percent of the support costs that once went to internal password management. Microsoft has accomplished this by pairing passwordless measures with secure multi-factor authentication. Their strategy now can be summed up as saying, ?Okay, so this user appears to be who they?re supposed to be. Let?s make […]

One of the major problems a business owner needs to confront is the situation surrounding sustained downtime. Business continuity demands a lot of assessment and a whole lot of action be taken in a short amount of time. After all, downtime is a business killer. The establishment of a continuity plan not only solves the immediate problems (e.g. a server failure), they return your business to a productive state, fast. All businesses struggle with hiccups of continuity. Something as simple as a cloud application being down for 20 minutes can cost a company a lot of money. When downtime is sustained, however, the costs add up by the second. A business that is forced into stagnation by downtime can fail within days.  Modern Continuity Today?s business continuity plan is not much different than it was 50 years ago. The assets have just changed. Today, most of the assets that need to be protected are through reliable digital means. This means that if you want to look for a place to start, look at your organization?s IT. Like you would have done with established business continuity methods, you will want to make a list of the people who need to know if continuity is broken, and who is in charge of relaying that information down the corporate tree. Typically, there will be one person that is tasked with relaying information to department heads, and they will take it from there. Ensuring that there is a plan in place to mitigate cost in the case of sustained downtime is essential to mitigating problematic situations. Take Action In business continuity, action is the name of the game. Depending on the situation, after your people are informed of a breach of continuity, the next step is to mitigate the problem. Some situations are more difficult to rebound from than others, but ultimately a solid business continuity plan is an incremental approach to getting your business back up and running properly. It could take a minute or a couple of weeks, but ensuring that every mission-critical resource is covered under your plan, and that there are defined actions that need to take place will work to return operations to normal more effectively. All continuity tasks should be assigned a specific timeline for completion, with the highest priority tasks coming first. Customer Relations Customer care is a big part of a business? continuity strategy. In fact, if you are dealing with a major outage, keeping your customers supported can work to stem service mutiny. You?ll need to contact your suppliers and vendors to keep other company?s supply chains from grinding to a halt. Keeping your relationships solid will alleviate one big headache if you are dealing with sustained downtime. Technology and Data You will want to have identified what hardware and software are essential, as well as have a good idea about how long it will take to restore your data and other systems into working condition. This also applies to any equipment that is necessary to restore operations. You?ll want to make sure that you know exactly what tools you need and the length of time that it will take to get things back up and running. You will also want to have identified your data needs and have a data backup and recovery platform […]