Two-factor authentication (sometimes called multi-factor authentication) is the practice of expanding on the protection that is attained by using a password. After a person logs in with their password a two-factor authentication platform requires a separate code–typically generated by an authentication app or a text message or email to an assigned number/email address–to gain access to whatever is secured. 2FA is pretty standard on most online-based platforms nowadays. All things considered, it does help beef up security; but, can 2FA be more trouble than it?s worth? Let?s take a look.  With many software developers now incorporating two-factor authentication into their applications, it has become pretty commonplace to have the option regardless of the software you are using. Some of the best times to roll out two-factor authentication are when you have sensitive, personal, or proprietary information to secure. While there are cracks in the foundation of this method of access control, many businesses require that their staff sign into email or line of business apps using a 2FA system. Better safe than sorry, right? In the business setting, it makes sense to put this strategy to use. While it may be mildly irritating for your staff, the benefits, if only for organizational piece of mind, are worth the reward. Individuals, on the other hand, don?t typically need the end-to-end security that a business needs. Those that do employ some degree of additional security (beyond passwords) don?t always find it to be helpful. There is also the small matter to discuss that suggests a 2FA platform doesn?t even work. Wait, Two-Factor Authentication Doesn?t Work? Studies have shown, and have been corroborated by industry professionals, that two-factor authentication is just like any other currently-used, non-biometric security standard: about to be antiquated. Today, hackers are creating phishing websites that look just like the corresponding site on a web services website that states that their account information is about to go bad. The fooled party enters the information needed and now the hackers have the password, the one-off authentication code and complete access to the system.  This may be a troubling trend, but rest assured, it is typical of every security strategy that has come up. The predominance of hacking makes all efforts seem insecure. Think about what you?ve been told. Just a short time ago you had to have a near-random passphrase, before that you needed to use a password manager, before that you needed to have a complex password of at least 12 digits that included capital and lowercase letters, numbers, and symbols. That?s not to say that 2FA doesn?t work. It absolutely does. Just be mindful that relying too much on one part of your access control strategy will likely result in data breach, headache, and frustration.  2F-Awesome Situations to Use Two-Factor Authentication Two-factor authentication may not be the be-all, end-all to your security needs, but it is still better than nothing. Here are a few situations where you will absolutely want to institute 2FA: Remote access to corporate networks – With businesses using a more mobile workforce, securing remote endpoints makes a lot of sense.  Ecommerce – Anytime you require people to submit or view sensitive or financial information, using 2FA is a good practice.  Cloud services – Shared computing resources in the cloud should be secured to their max. […]

Real Quick, What?s the Cloud Again? It?s not a dumb question, because the term ?the cloud? is used synonymously for essentially any data stored on the Internet. It?s a very broad term with a lot of loose ends. Technically, Twitter and Facebook are ?the cloud? and your website host is also ?the cloud.? Google Drive, Dropbox, and Microsoft 365? They would also fall into this category. If you store data on the Internet in one way or another, you are essentially in the cloud. If you want to split hairs, you can even look at having an online bank account as being in the cloud, because your personal information is stored on the bank?s online servers. If you send digital photos to get printed at Walmart, those photos are going to Walmart?s servers and stored in, you guessed it, their online cloud. When you attach a file to an email in Gmail, that file is stored on Google?s servers in the cloud. When you ask your Amazon Echo to remind you to wake up early next week to make it to your oil change, your voice is being transferred to the cloud, and your schedule gets processed and sent to your device. New Hampshire businesses use the cloud for storing company data, sharing documents, or even using cloud-based apps like Office 365 to edit files from any device. Often, line of business applications will have cloud options too, so the software itself and all the data is stored offsite. You Make It Sound Like Most of Our Data is Online? Is This Bad? Well, depending on how you store your data, this might be the case. Whether or not it is a good thing or a bad thing depends on what your data is and where you are storing it. Many businesses still have onsite servers where they store company data. This means the responsibility to keep those servers secure is on them. It?s no different than storing all of your vacation photos on your home computer – if something happens to your computer and the files aren?t backed up, you might be out of luck. This is why we all take precautions to secure our networks, install antivirus, set up firewalls and security devices for our businesses, backup data, etc. The cloud is just someone else?s computer. If we store data in the cloud, we are entrusting someone else to protect it. There are pros and cons to this. First of all, if someone is in the business of storing data online, ideally they are able to afford the best security to keep that data safe. This isn?t a guarantee, but chances are a massive company like Google or Microsoft has more capital to invest in protecting the data of their customers than a small business. The problem is that not all cloud solutions are created equal, and they aren?t all investing the massive amounts of money needed to protect the data that they store. Plus, these solutions are bigger targets for hackers. A massive data breach at Microsoft would be a huge score for a group of hackers. We?ve seen situations where these big cloud entities have been breached before in the past. Yahoo, Google+, Dropbox, and Apple iCloud, have all experienced different levels of security breaches, and major […]

Cybersecurity is just risk mitigation. These five steps will go a long way toward managing the amount of risk, while extending the knowledge base of your staff, and distributing some of the responsibilities for the security of your data to them. These aren?t ironclad policies enacted to protect data, they are tips designed to help an organization better manage the stress that comes from the spike in cyberthreats many businesses see in the course of doing business. #1 – Keep a Clear Inventory of Assets The first step toward risk mitigation is to know, and document, exactly what assets you need to protect. This includes every wire, extra peripheral, and piece of software your business has purchased. By knowing exactly what hardware and software you possess, the easier it is to manage it.  #2 – Educate Users on Cybersecurity Best Practices Training your staff on what it takes to secure a business? computing network from the myriad of threats your business is exposed to is fundamental to actually protecting these systems. Their online behavior matters, and the more they know about how to spot phishing attacks, how to create and use proper passwords, and how to build work profiles on their mobile devices, the better off your organization?s security efforts are going to be.  #3 – Address the Shadow IT Problem Shadow IT is software that is downloaded by end users that hasn?t been approved by an organization?s IT administrator. In order to keep software from being vulnerable it has to actively be patched with security updates. If end-users are just downloading any program they want, what?s stopping an infected program from appearing on your network one day? Nothing. Make sure your staff has a clear understanding of what software is allowed and how to download and update approved software titles. #4 – Have Tools in Place Comprehensive cybersecurity is dependent on sticking to solid practices, understanding the threats, and having the tools in place to ensure that security can be maintained. Tools such as antivirus and anti-malware, content filtering, spam blocking, and a strong, constantly updated firewall go a long way toward giving any organization a shot at keeping threats from becoming a huge problem for a business.  #5 – Sometimes IT Gets Old Just like humans, sometimes the older a piece of technology gets, the less effective it is. By upgrading away from old technology, and keeping your technology patched and updated, you have the best chance of protecting your business? digital assets and keeping malware, hackers, and the like out of your network. If you would like more information about getting the tools you need to keep your network and infrastructure free from threats and working effectively, reach out to one of our consultants today at (603) 889-0800.

What is AI? The AI that we see in business today isn?t the same AI that we see portrayed by sentient robots in the movies. This is undoubtedly a good thing, but with each passing day more AI is being used for business. AI and machine learning (ML) are the underlying processes of machines using algorithms to perform tasks without the explicit parameters that are typically necessary. Through AI and ML, businesses are benefiting by eliminating work.  In the course of doing business there are a lot of small, mundane, and repetitive tasks that cost businesses a lot to carry out. Typically due to the costs established from having people performing those tasks. Today AI/ML systems are capable of accomplishing many of these tasks with a keen eye for small deviations. In some cases, they respond well to larger deviations. Let?s take a look at some of the way’s businesses are using AI/ML right now. Network Security In the course of keeping networks secure, there are dozens of very mundane, very repetitive tasks that need to be accomplished. Integrating AI into IT services and hyper-converged infrastructure systems, helps balance workloads by automating network security tasks. Cyber-Defense Aside from regular network security tasks, AI/ML systems provide answers to the breakneck speed of network interactions. By being able to check network packets faster than ever, and quickly discern what is in them, these AI cybersecurity systems can work to quickly cross reference information to ascertain exactly what information should be allowed and what should be blocked.  Chatbots Everyone knows that customer service is a major part of doing business, and many sectors have begun to roll out AI-fueled chatbots to handle the product and service support via a website-based chat application. These interfaces are building intelligent conversational abilities with machine learning. Since most support questions are asked frequently, the chatbot can learn how to return useful conversation about products, services, and company information.  Business Intelligence and Predictive Analysis One of the most important uses of AI is as a supplement to a dedicated business intelligence platform. AI can enable BI tools to produce much clearer, much more useful insights. The clearer and more useful the insights the more forward-thinking decision makers will use them. Accounting and Billing Accounting has been one of the most straight-forward aspects of businesses, but now, with AI, more and more organizations are trusting the useful AI-field applications to streamline data entry and data reporting. AI systems are also being used to maximize the costs associated with payment processing, invoicing, and other financial tasks necessary to any business.  AI may not be what we envisioned at this point, but it is useful enough to help your organization streamline its operations enough that it will be sure to have an effect on your bottom line. How would you like to see AI used to improve your business? Subscribe to our blog for more great information about today?s most dynamic technology trends. 

Understanding Hackers, Based on Motive In truth, popular entertainment has taken quite a few creative liberties with the concept of a hacker, while simultaneously reducing them into a few noticeable stereotypes and tropes. You have the standoffish and reclusive criminal, the quirky member of a given law enforcement acronym team, and a handful of other, very similar archetypes.  However, these tropes have all contributed to a predictable, stereotypical caricature that most people associate with the term ?hacker?: Someone sitting alone in a room, surrounded by monitors, typing while windows open and close on their screens. But again, this is a caricature, an exaggerated approximation based on a limited view of reality. The Real-Life Varieties of Hacker In the real world, there are many different kinds of hacker, differentiated by their ultimate goals and the methods they employ to achieve these goals. Admittedly, there were originally just two, differentiated by referencing the costuming traditions of Western movies. The hero would wear a white hat, the villain, a black hat. Hackers were categorized between white-hat and black-hat, initially, with more colors being adopted to accommodate the many varieties that developed. White Hat: These are the good guys – they?re the ones who go through official channels and try to hack into program so that vulnerabilities can be identified and resolved. The white hat hacker frequently uses vulnerability assessments and penetration tests to accomplish their objective. Black Hat: Again, in keeping with the traditions of old Western movies, the black hat hacker is a villain, and is closest to the stereotype of a hacker that most people are familiar with. Generally with selfish, greedy, or vindictive motives, a black hat hacker seeks to do harm as they steal financial information, trade secrets, or leave an unpleasant surprise on your network. Grey Hat: You have to mix black and white to get grey, and that?s more or less how it applies to hackers. Acting as a kind of online vigilante, the grey hat hacker largely works to take down online threats as a white hat hacker would – but by employing the kind of tactics that a black hat hacker would use. Red Hat: Red hat hackers are the guerillas of the hacking world. Intercepting the attempts made by a black hat hacker, red hat hackers attack their systems to sideline the black hat hacker. Green Hat: Inexperienced and uninitiated, green hat hackers have no practical hacking experience. However, they will lurk on forums to learn more about hacking attempts from other hats. Blue Hat: Another form of amateur hacker, a blue hat will take advantage of preexisting attack vectors to infiltrate their targets. They are often inspired into action by their personal feelings, and use very basic attacks to their advantage. Why Hackers Hack There are many reasons that a hacker may be driven to do what they do – and there isn?t always a single reason for it. Some common motives include: Theft and Distribution for Profit This is one of the most obvious reasons for a hacker to do what they do, as there are many ways that a hacker can use stolen data for their own benefit. Whether they steal a person?s credentials and drain their accounts, blackmail them with private data, or simply steal data to sell to other […]