Certain threats out there are dangerous enough to cause major entities to warn against them. In particular, a recent malware by the name of VPNFilter has been deemed dangerous and prevalent enough that the FBI has addressed it. Since the malware targets routers (probably not your first guess in terms of possible vulnerabilities), it has considerable potential to become a nuisance for your organization. Understanding VPNFilter VPNFilter is a malware that hides in your router and remains even if you restart the device. VPNFilter is known for prioritizing devices in Ukraine, but you should never count on the trend to protect you from known threats. It?s thought that the VPNFilter malware has its roots in a group called Sofacy, and the malware operates in three basic steps. The first step for this malware is that it installs itself on the device and remains there even in the event that the router is rebooted or turned off. Second, the malware will install certain permissions on the router that allows it to change settings, manage files, and execute commands. The router can then proceed to brick itself, making it much more difficult for your organization to keep operations moving along. In its final stages, this malware lets a hacker see the data packets that are being sent to and from your organization?s device, meaning that they can then also issue commands and communicate with the device via a Tor web browser. This threat was specifically mentioned by the FBI because of its persistence. While resetting the device will disable the second and third steps, the first will remain, creating an endless cycle if you don?t do anything about it. Is Your Router Affected? Even though not all routers are affected, the number is still quite considerable. Here is a list of affected brands: Asus D-Link Huawei Linksys MikroTik Netgear TP-Link Ubiquiti Upvel ZTE If you would like a more comprehensive list of all affected devices, Symantec has a list on their website: https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware How You Fix It There is an easy fix to VPNFilter, and it?s to perform a factory reset on your router. This eliminates anything that?s currently installed from the first stage of VPNFilter?s attack. Of course, it?s also worth mentioning that the manufacturer of the router may have also administered a patch or security update resolving the vulnerability, so be sure to check for that as well so that it will never be an issue again. For more great updates and tech tips, be sure to subscribe to White Mountain IT Services?s blog.

Before we take the plunge, we want to inform you that in order to best understand the two terms, you?ll need to have data collection platforms in place that allow you to analyze data. If your organization doesn?t store data properly, it becomes difficult to analyze it. Therefore, if you have plans to analyze your data, you should make plans to have it stored in a single place where it can be read from, making it much more feasible to take advantage of. BI vs BA The biggest difference between business intelligence and business analysis goes back to the roots of language. Business intelligence is a noun, whereas business analysis is a verb. Business intelligence is a system put into place to collect and analyze data, while business analysis is the actual act of doing the analyzing. Both of these purposes require significant amounts of data to work as intended, even if they both work in different ways. Business Intelligence A business intelligence strategy is built for the purpose of analyzing the business in its current form. In this case, the more you know about your business, the more effectively you can make decisions about the future of your organization. When you hire a business intelligence professional, their job is to analyze the data to find answers to your most pressing business needs. Your organization uses the information found during these processes to improve your operations, whether it?s through changing up the way things are done or by implementing new solutions. Basically, BI?s value is in providing enough information about your business? operations to create data-driven decisions. Business Analysis Business analysis consists of enabling the changes that need to be done by finding and resolving gaps in the way your organization manages itself, be it in production or solution implementation. Business analysis means that your organization takes the information that a BI system has provided to create solutions for your business? woes. Sometimes they can be used to predict changes in the market or determine the best audience for a particular good or service. Data-Driven Decisions This increase in organizational use of BI and BA make it clear that more businesses than ever before are taking advantage of their data in exciting new ways. Through the power of BI, businesses can create strategies to hone in their operations and create opportunity for improvement, while BA can help you either implement new solutions or stay on track toward your goals. White Mountain IT Services can help your business get started. To learn more, reach out to us at (603) 889-0800.

Businesses of all sizes use varying degrees of technology to improve organizational productivity, efficiency, and security. The more a business depends on its data, the more crucial it is for them to manage and maintain the systems in which this data is dependent. For organizations that have a lack of financial resources to support these systems, it is often left to unqualified employees, putting your business at risk. What do you do when you need expertise that you lack and can?t afford to hire in-house staff? You call White Mountain IT Services. We offer our brand of managed IT services that go far beyond typical IT support. We ensure that your network and infrastructure is outfitted with the security solutions required to keep today?s most critical threats out. Additionally, we continuously monitor your network for threats, ensuring that anything that could become a problem is eliminated. Using monitoring solutions with state-of-the-art automation, our technicians can remediate any threat, reducing downtime and all the negative situations that happen due to it. At White Mountain IT Services, we look for any way we can to provide value. Since the success of our business is contingent on our clients? continued success, it positions us in a place where we want our clients to get the most value out of every dollar they spend on technology; and, the maintenance of that technology. We understand that making the correct technology decisions is sometimes difficult. We have relationships with some of the largest and most respected vendors in the industry that can help any organization get the hardware and software they need in order to more proficiently meet the demands placed on them by their customers. Not only can we find the technology you need at a competitive price, our technicians are experts in designing and implementing technology to fit into your workplace. Since we work with technology every day, our staff has the knowledge to know what you need, why it?s right for you, and how to get it. This includes solutions for the security of your business, it?s back-office operations, and everything in between. In our commitment to battle downtime-causing problems, we regularly patch software with the latest threat definitions to ensure that all of the applications you depend on aren?t overrun by malware and other malicious entities. The peace of mind that you have an IT infrastructure and network that is free from threats frees you to focus on your business instead of the litany of threats that are stamped out by our dedicated technicians. For more information about our comprehensive managed IT services, or to talk to one of our consultants about having an assessment done on your company?s technology, call us today at (603) 889-0800.

How Chrome is Shaking Up the Conventional Advice There are two major types of websites out there, HTTP and HTTPS. The primary difference between them is that the one with the S at the end signifies that the data was sent through a secure connection, meaning that there are extra layers of security there to shield it from any prying eyes. It?s been a best practice for a long time to make sure that any sensitive data sent to or from a website utilizes a secure connection. This is done by looking for the padlock icons in the address bar. Google is finally stepping up its game by labeling businesses that don?t encrypt their communications with their host server. Chrome will notify users when they are surfing a site that isn?t using HTTPS. The idea is that this is supposed to put the pressure on websites that have yet to adopt HTTPS. Since Chrome is the most popular web browser, it makes sense that this approach could spark a revolution in website security. So far, the approach is seen as ideal by security professionals. What Are Other Browsers Doing? The other major web browsers, Safari, Firefox, and Edge, also have some plans for how they will handle unencrypted websites in the future. However, not all of them plan on flipping the script in such a dramatic way. Firefox: It?s likely that Firefox will follow a similar path to Google Chrome. Firefox is still subscribing to the ?confirming the page is secure? method. Firefox will also tell you whether or not the HTTP page contains a login form with a padlock that is stricken through. There is even a warning that pops up when the cursor moves over any of these fields. In the future, the browser will display all HTTP pages with the strike-through padlock, even if there aren?t any forms. Safari: Apple has yet to deviate from tradition. By this, we mean that the browser just confirms that the connection is secured by showing the lock. However, Apple has taken other, different steps toward ensuring the security of its users. If a user attempts to log into an HTTP page, the page will inform them with alerts popping up into the field and the address bar, much like Firefox does now. Edge: Microsoft Edge only tells a user when a page is protected, but there are other options in place that allow the user to access even more information about their connection. This information can reveal if the connection isn?t encrypted, identifying it a potential risk. This same feature doesn?t extend to the input fields on unencrypted pages, though. We don?t feel like Edge is doing enough to warn users about unsafe browsing. Are you unsure of how to keep your business secure? Reach out to White Mountain IT Services at (603) 889-0800.

The username is the name given to a user (or in some cases the computer or network) and is typically some abbreviation of the user?s, computer?s, or network?s name. An example would be if a user?s name is Brett Hanson, a strong username would be hansbr. It is strictly for identification purposes in the database that holds access information. In some cases, a username might also simply be your email that you use to sign up for a service, or it may also be a display name for people to find you on a service. For example, the popular payment app Venmo uses the username as a way to send someone cash. Making your username easy to remember and share may be a benefit. Other times, you may want to make your username something more unique and less identifiable. One such case would be in regard to your bank account username, which typically shouldn?t be guessable. Combined with strong, unique passwords, unique usernames can add one small extra step to make it slightly harder to get into your accounts. Username Best Practices Coupled with your password, your username is important as it is essential for access. Since it?s the key to a user?s identity when trying to access data and applications, it is important to follow some best practices. These include: Pick a username you can remember – Most services have a password retrieval or reset tool attached, but not many have a tool that allows you to retrieve your identifier. Keep it simple. Never use personal information – Information like your social security number should never be used as a username or password. Your social security number is a coveted piece of information that, if attained, can cause you a lot of personal grief. Other sensitive information to avoid would be your date of birth, any contact information, or anything else you wouldn?t want a total stranger to have. Take into account the platform you are signing into – If you want an account to stay anonymous, for example, ensure that your username is something obscure or is set to not show. We use usernames every day, so the more you are cognizant of how to best utilize them to your advantage, the better. For more great technology information contact us today at (603) 889-0800.