Nope! While yes, the fact that we no longer have to remember each different password for our online accounts may seem ideal, relying on the browser to remember them for us presents a few issues. Each of these browsers leaves some kind of opening for a hacker to review a user?s list of passwords. Google Chrome – When a user is logged into their Google account, Chrome will automatically save any passwords that user inputs. If a hacker was then able to gain access to that Google account, the entire list of passwords would be available to them. Mozilla Firefox – Utilizing low-level encryption, Firefox hides a user?s passwords, utilizing a single master password as the encryption key. However, because this encryption has such a low level, a brute force attack can break it. Plus, if someone is in possession of the device itself, they can access the passwords without having to log in. Safari – Just as is the case with Firefox, Safari stores all passwords in the browser?s settings, where they can be accessed without a login required. Internet Explorer – When Internet Explorer saves passwords, all it takes to expose them is a readily available tool. Microsoft Edge – Edge has had some security issues, such as a flaw that enabled hackers to read files that were browser-compatible (like the notepad files that some might keep a list of passwords in). In addition, some third-party password managers, like Edge Password Manager, have failed to require password authentication in the past. Of course, there are other threats to your password security as well. For instance, a bug that dates back 11 years was discovered early this year that allowed website credentials to be stolen. A secondary form was hidden behind the login form, stealing usernames (which were often just the user?s email) and passwords without the user having any idea. What Can Be Done? Your first step should be to disable your preferred browser?s built-in password manager. Google Chrome – Under the toolbar, select Chrome Menu, and from there, Settings. Scroll down until you can select Advanced, and from there, select Manage passwords (found under Passwords and forms). Finally, switch Auto Sign-in to off. Mozilla Firefox – In the toolbar?s Firefox Menu, access Options. On the left, access Privacy & Security, and find Forms & Passwords. Find the Remember logins and passwords for websites option and deselect it. Safari – Select Safari Menu from the toolbar, and then select Preferences and Autofill. Then you?ll need to deselect Using info from my Address Book card, Usernames and passwords, and Other forms. Internet Explorer – First, you need to reconsider utilizing Internet Explorer, assuming your organization gives you a choice in the matter. If you must, you will want to access the toolbar?s Internet Explorer Menu and select Internet Options. From there, click into Content, and select Settings (found under AutoComplete). Deselect both Forms and Searches and User names and passwords on forms. Finally, save your changes by clicking OK. Microsoft Edge – Again, from the toolbar, select Edge Menu and from there, Settings. Scroll down to find View advanced settings. Under Privacy and services, deactivate Offer to save passwords, and under Manage passwords, deactivate Save from entries. We understand, remembering all of your different passwords can be a real […]

When we say outsourced, we mean that managed IT services are managed and maintained by someone outside of your business. This means that you don?t have to hire new staff to manage the technology you need to keep operations moving forward. Depending on how much you want to invest in managed services, you could either outsource a single solution or an entire project?s implementation. Either way, managed IT?s purpose is to help small businesses like yours through better access to important technology management services. It?s inevitable that you?ll ask why you should trust something as important as your IT infrastructure to outsourced workers. After all, they don?t work for your business. Well, to put it simply, the right managed service provider does work for your business. They want to help your organization make the most of its technology solutions. The right managed IT provider will act as an extension of your business? internal IT department (or lack of one), providing support as needed for your organization?s administrators and users. It?s basically like having an IT department, minus paying for their salaries, onboarding, and training. This makes outsourcing a viable alternative for small businesses, as the small monthly payments are more affordable than other options. Overall, the quality of IT management when outsourcing it to a managed service provider increases. This is basically because the quality of your service increases compared to if you have either no support, or you?re relying on your untrained employees to maintain IT solutions. If maintenance isn?t done properly, your business could suffer from large repair or replacement costs, and that?s not even mentioning projects that aren?t managed properly. In times like this, it helps to have professionals who can provide a helping hand–whether it?s simply operating in a supplementary role or as your full-fledged IT department. Managed IT makes managing IT easier for small businesses, which can go a long way toward making sure your organization remains profitable and efficient. To learn how your business can take advantage of managed IT solutions, reach out to us at (603) 889-0800.

Today, we?ve compiled some statistics that give these threats context, as well as a list of some of the most devastating hacks from the first half of 2018. Hopefully, these lists will put into perspective just how important building a network security strategy is for your company. Here are some statistics to help reinforce just how important cybersecurity is: In 2017 over 130 large-scale breaches were reported, a 27 percent increase over 2016. Nearly 1-in-3 organization have experienced some sort of cyberattack in the past. Cryptojacking (stealing cryptocurrency) increased 8,500 percent in 2017. 100,000 organizations were infected with the WannaCry ransomware (400,000 machines). 5.4 billion WannaCry attacks were blocked in 2017. The average monetary cost of a malware attack is $2.4 million. The average time cost of a malware is 50 days. Ransomware cost organization?s over $5 billion in 2017. 20 percent of cyberattacks come from China, 11 percent from the United States, and six percent from the Russian Federation. Phone numbers are the most leaked information. 21 percent of files are completely unprotected. 41 percent of companies have over 1,000 sensitive files left unprotected. Ransomware is growing at 350 percent annually. IoT-based attacks are growing at about 500 percent per year. Ransomware attacks are expected to quadruple by 2020. 7.7 percent of web requests lead to malware. There were 54 percent more types of malware in 2017 than there were in 2016. The cybersecurity market will be worth over $1 trillion by 2025. If that isn?t scary enough, below are some of the attacks that have taken place in 2018. We?ve broken them down into public (individuals, governments, etc.), and private (businesses). Keep in mind all these events took place before the calendar turned to July: Public January The Department of Homeland Security was affected by a data breach that exposed information about 247,167 current and former employees. March Atlanta, Georgia was targeted by a ransomware attack called SamSam. This resulted in a massive problem for their municipal infrastructure. The ransom price given was $51,000, but Atlanta?s leadership refused to meet these demands. Overall, the numbers show that Atlanta has spent more than 10 times that number in the fallout of the attack. Some estimates place the actual cost of this event at nearly $20 million. India?s national ID database, Aadhaar, leaked data of over a billion people. This is one of the largest data breaches in history. A user could pay 500 rupees, equal to about $7, to get the login credentials that allowed anyone to enter a person?s 12-digit code for their personal information. For 300 rupees, or about $4.20, users could also access software that could print an ID card for anyone associated with the database. Cambridge Analytica, a data analytics company that U.S. President Donald Trump used to help his campaign, harvested personal information from over 50 million Facebook users without asking for their permission. Facebook hasn?t called this a data breach, but Cambridge Analytica has since been banned from using the service thanks to this event. June A hack of a U.S. Government-funded active shooter training center exposed the personal data of thousands of U.S. law enforcement officials. This also exposed which police departments aren?t able to respond to an active shooter situation. Private January 280,000 Medicaid records were exposed when a hacker attacked […]

At first glance, you might think that implementing an enterprise-level security solution for your small business might be overkill. After all, you?re a small business–not a large enterprise with a target on its back at every turn. Unfortunately, the reality of this situation can?t be farther from the truth. Because you?re a small business, hackers know that you might not invest in security solutions, whether it?s simply because you don?t want to or because you can?t afford to do so. This makes them more inclined to target you. Consequently, one can see the importance of running security measures to keep threats at bay. It?s hard to argue that preventative measures aren?t beneficial to the security of your business, and as far as keeping threats out of your infrastructure, you can?t go wrong with an enterprise-level firewall, spam protection, and content filtering solution. But where a lot of organizations get hung up on is antivirus, particularly because they might be under the impression that an antivirus solution doesn?t yield a return on investment unless your organization does indeed suffer from a data breach. This isn?t necessarily the right way to look at antivirus? ROI, though. To determine how much ROI an antivirus solution presents for your organization, consider what it does. It eliminates or quarantines threats on your network that would otherwise multiply and spread threat influence across your network (or beyond). When businesses suffer from a data breach, the initial infection is merely the inciting event. If a threat lingers, it can potentially deal a critical amount of damage or infect multiple devices, making it even more difficult to get rid of. The costs of dealing with a data breach are no joke, as your organization could pay a ludicrous amount of capital in reparations toward those who are affected, all while trying to keep operations moving forward and paying for any breaches of compliance that may have resulted from the attack on your business. It?s clear that in the face of a data breach, it?s critical to nip the attack in the bud before it causes more damage than it needs to. This is where antivirus solutions come in. If a threat is detected on your network, it?s immediately captured and eliminated or quarantined, limiting the scope of its influence on your infrastructure, all while limiting the amount you?ll have to pay out as a result of said breach. Paying for the solution to simply exist is much more manageable than shelling out countless dollars in the face of an attack, making antivirus all the more appealing as a preventative measure, even if it?s never used. Your business can take full advantage of antivirus solutions today by giving White Mountain IT Services a call. We can help you implement only the most dynamic and responsive solutions for your business? network security. To learn more, reach out to us at (603) 889-0800.

Tech support scams are only too common, as blending phishing with social engineering has proven to be an effective means of scamming users. Today, our tip will cover how to recognize some of these scams so that they may be avoided? but first, it is important to recognize that scams like these are a serious problem everywhere, and not just for those targeted. An Issue Around The World These scams target users all over the world, although the impact is most clearly felt by users in China, India, and the United States. Regardless, other regions are also subjected to tech support scams – and India gets hit with a double-whammy. The service-and-support-rep-in-India stereotype has its roots in a truly unfortunate reality. The level of competition in the job market is astronomical in India, especially for the generation that should be entering the workforce right about now. For example, a state-owned bank received over one and a half million applications for just one and a half thousand job openings. This job shortage affects even those with high qualifications. Someone could have a Master?s degree in business administration and have to fight for a position as a street sweeper. Circumstances like these make any job opportunity to inherently be too good to pass up, even if your work comes at the expense of others. Indian call centers use these circumstances to their advantage, using a secretive and convoluted process to hire those young people in search of a job, often not even revealing the identity of their employer. Applicants are often charged money for their attendance at interviews and job trainings, only being given a start date if they are accepted. Many of these positions, however, are not the customer support jobs that were expected. Instead of providing customer service, these recruits are used as the initiators of a scam. They call their target and deliver the scam?s pitch, whatever it may be, and send their newly terrified connection to a senior scamming employee who ends the scam. These workers are soon stuck in an unenviable position: their pay is usually terrible and the emotional burden significant, yet there aren?t really any other avenues to make money in the overburdened job market. As a result, it isn?t long before these scammers, themselves exploited, embrace their position and apply themselves to exploiting others simply to fulfill their need to survive. Spotting Scams Unfortunately, even if you feel for the person on the other end of a scam call, you need to protect yourself and your business from their influence. To do so, you need to be able to identify these scams. Below are a few tips for doing so: Who?s On the Line? – Basic rule of thumb: if you get a call from someone claiming to be from ?Microsoft? or any other technology brand, it?s almost a sure bet that they aren?t. These organizations aren?t in the habit of reaching out to people first, despite what your (potentially spoofed) caller ID might tell you. Not Something You Want Linked to You – Scammers are also fond of using links, sharing them in an email to send the user to a website that displays plenty of falsified pop-up warnings. These links shouldn?t be clicked, and if you do inadvertently or are presented with […]