1. Wireless Hotspot in Your PocketToday?s devices make it easier than ever to bring them with you as a means of increasing productivity. However, this is often defeated when there is no Wi-Fi connection available to connect to, as the cloud has brought much of the work that people do online. Your smartphone can help to solve this problem by acting as a wireless hotspot and providing Internet access to your other devices. In order to make the best use of the phone?s hotspot capabilities, you may want to ensure that your employees have an adequate plan. With a Bring Your Own Device strategy, you can provide them with a stipend to cover the costs, or if you prefer, you can provide them with company devices that already come with sufficient data service. 2. Sort Your ScreensYour smartphone allows you to rearrange the items on the display to pretty much match your personal preferences. Grouping your most-used apps and utilities together to make accessing them easier can help you save time and effort, and will help keep you from ?misplacing? a crucial app during a time crunch. 3. Try Out Your Email and Browser OptionsYou don?t necessarily need to stick to the factory-presets when it comes to your mobile browser and email management applications. The official application stores will have many alternatives for you to experiment and explore. However, make sure you stick to recognizable names to avoid installing any malware that might have slipped past the moderators. These non-default apps often have functions and capabilities that you just won?t find in the default apps that make your use of them much more smooth and efficient. 4. Use Your ShortcutsTry to become familiar with the shortcuts available for your device. While these shortcuts may only save you a moment or two when compared to the ?typical? way of doing things, these moments can add up to a lot less time spent fiddling with your phone that could be spent accomplishing something based on what you checked on your phone. Your model of phone will have an impact on how you can activate your shortcuts, due to differences in software. Some experimentation may be necessary, but once you discover your phone?s capabilities, you can use them to save yourself some valuable time. 5. Research Your InsuranceYour mobile device often serves as a key tool for you to use as you go about your business. Therefore, it is important that–should something happen to it–a replacement isn?t too time-consuming to obtain. You should be sure to collect as much information as you can to make the best decision regarding your insurance policy and the coverage you can expect for your devices. What are your favorite smartphone tips? Which ones do you think should have made our list? Let us know in the comments!

The issues present in voting infrastructure have been known for years. By using expensive electronic voting machines, many polling places are putting themselves in the position of being stuck with old, outdated systems without the necessary funds to replace them. In fact, it was predicted that 43 states would use ten-year-old electronic voting machines, an age that is uncomfortably close to the total lifespan of the machine. This could easily result in machine crashes and failures, potentially causing votes to be lost or–with some touch-screen machines–registered for a different candidate than the voter input. Adding to this issue is the fact that, with exclusively digital voting machine, there is no way to check the results against anything else if there needs to be an audit. This issue was only proven further during the 2017 DefCon conference, where the unprecedented Voting Village revealed what a hacker could do to an actual voting machine. This kind of activity had never been done before because, until late 2016, it had been illegal to tamper with voting machines–even if just for research purposes. Researchers discovered that there were plenty of ways to breach voting systems through both remote access and physical tampering. Influencing an election doesn?t even necessarily require tampering with the votes themselves, either. By slowing the systems to a crawl, or simply rendering them inoperable, hackers can easily keep many people from voting. Lawrence Norden, of the Brennan Center for Justice, argues that going low-tech is the best way to combat this kind of interference, supplemented by the use of encryption, blockchain, and other technological solutions. According to a blog post by Norden, the voting process needs to reintroduce paper. As he says in his blog: ?Specifically, every new voting machine in the United States should have a paper record that the voter reviews, and that can be used later to check the electronic totals that are reported. This could be a paper ballot the voter fills out before it is scanned by a machine, or a record created by the machine on which the voter makes her selections?so long as she can review that record and make changes before casting her vote.? According to Norden, this would eliminate the risk of an undetected change or error in software causing an undetectable change or error in the outcome of an election. Just like your organization, having accurate data and computing infrastructure that doesn?t work against your goals is key here. When hardware and software becomes out of date, not only do you deal with the same quirks and problems that were baked in from the beginning, but you also deal with new problems and unreliability. When your data is at stake, this can be a major issue. If your business has embraced digital filing (which we highly recommend), imagine putting the integrity of your data at risk by using an old computer. While going back to physical paper documents might be a solution, it will cost your business a lot of time and effort to accommodate, when compared to the cost of upgrading your IT. What are your thoughts? Leave them in the comments section below.

A surprising number of security issues come from inside your organization. User error on the part of the employee can present major problems for your workflow, data security, and the integrity of your business. User error could be something as simple as an employee clicking on the wrong links when they receive a suspicious email in their inbox, or if they are accessing data that they simply have no business accessing in the first place. Sometimes businesses will even completely forget to remove employee credentials when they leave a project or the company creating a breachable hole in your network. Regardless of the reason, user error can be a detrimental occurrence, and one which must be prepared for. Restrict User PermissionsYou may notice that every time you try to download an application to your computer, it requests specific permissions from the user. If it were your personal computer, you could just click OK without thinking twice. However, this isn?t your personal computer–it?s your office workstation. If you let your employees download whatever apps they want to their devices, who knows what kind of nonsense you?ll find on them? They could accidentally download malware or install something to give hackers remote access. This is why you limit what your users can do on their workstations. The only users who should have administrative access to your company?s devices are your network administrator and any IT technicians you employ, as they will be the ones primarily installing new software on your devices. Minimize Data AccessIf you give your entire staff access to every little part of your data infrastructure, they are bound to run into data that?s not meant for their eyes. For example, an employee might gain access to your business? payroll, which could cause unnecessary friction. They also might find other sensitive information that they aren?t supposed to see, like personal information or financial details. The best way to keep this from happening is to partition off your infrastructure so that employees can only access information that they need to do their jobs. Just ask your IT provider about your access control options. Remove Employee CredentialsWhat happens when an employee leaves your organization, but is still able to access their email, your network, and their workstation? You could run into an employee sabotaging your organization. This isn?t something that you want to deal with, and the easiest way to make sure it doesn?t happen is to begin the process of removing this employee from their accounts before they leave. Passwords need to be changed so that the employee cannot access your infrastructure any longer. You don?t want to delete the accounts entirely, though. You might want to check through the accounts, particularly because you might find reasons why they have chosen to leave your organization. Can your business keep itself safe from user error and other threats? White Mountain IT Services can help you keep the negative results of user error to minimum. To learn more, reach out to us at (603) 889-0800.

There are many organizations in the world that simply can?t have cybercriminals and hackers interfering with their data. One of these organizations, CERN (whose acronym translates to the European Laboratory for Particle Physics) has far too powerful of a computer grid to allow hackers to access it. To keep it safe, CERN has deployed what may be the future of cybersecurity: artificial intelligence. The use of artificial intelligence in security makes a lot of sense for a few reasons. First and foremost, it gives us a chance of keeping up with the changes that malware undergoes. To combat this, the scientists at CERN have been busy teaching their AI to identify threats on their network and to take appropriate action against them. This is no easy feat when one considers the resources that CERN requires to operate its Large Hadron Collider and Worldwide LHC Computing Grid. The LHC collects a truly vast amount of data–around 50 petabytes between the beginning of 2017 to June–and shares it across a network of 170 research facilities worldwide, also providing computing resources to these facilities as needed. This creates a unique challenge to maintaining cybersecurity–how to maintain computing power and storage capabilities while keeping the global network secured. As a result, CERN is turning to AI and machine learning to allow their security to identify between typical network activity and that of a more malicious nature. While CERN is still testing its new artificial intelligence, there are ways that businesses can leverage similar concepts to help protect their own networks. As of right now, when we say AI, we?re not talking about machines with human-like qualities you?d see in movies today. CERN isn?t going to be teaching their security AI the concept of love and friendship anytime soon. Instead, it?s actually a very simple tool you probably use every day. Take Google, for example. When you do a Google search, you are getting results that are indexed and categorized without the direct influence of a human operator. Google?s computers crawl the Internet and use machine learning and hundreds of various factors to deliver the search results most relevant to what you need based on a whole slew of conditions. The benefit of using this form of AI means results are delivered incredibly quickly, and a mind-numbing amount of data can be collated and delivered at the blink of an eye. If Google employed humans to deliver search results, the system would be flawed by human biases, the costs of employing so many people to meet demand, and it would simply be slow to get the results on-demand. AI empowering security could quickly scan for flaws on a network, run ongoing penetration tests, and constantly patch vulnerabilities. It could work day and night to improve spam and firewall capabilities. AI would have access to a lot of security resources and be able to react much faster, making it harder for hackers to overcome. Although we?re a long way out from seeing something like this fully implemented, we?re already seeing a lot of virtually intelligent systems collating and delivering data, and we can?t wait to see more? Just as long as we don?t flip the switch on Skynet. Do you think that AI is a viable resource to keep business networks secure, or is the technology […]

If you?ve watched the news lately, chances are you?ve seen the Equifax breach and the ridiculous fallout it has caused. Over 133 million personal records have been stolen. While it?s difficult not to feel individually victimized by such a breach, it?s important to remember that it?s often not your specific credentials targeted by hackers. Since businesses often hold onto valuable information, they have big crosshairs painted onto them. It doesn?t even stop there–any vendors or partners you deal with are also in danger of hacking attacks. The Equifax breach, which resulted in 143 million records being stolen, has many people concerned about their data security and data breach notification laws–and rightfully so. One of the biggest points of contention with the Equifax breach was that it took so long for them to notify the public following the incident. We?re not here to argue the ethics of Equifax?s decision to withhold information on this breach–we just want to make sure that you understand the technicalities behind why it was acceptable for them to wait before notifying their customers. State LawsAt the time of writing this, 47 of the 50 states in the United States have data breach laws, with the only holdouts being Alabama, New Mexico, and South Dakota. While Alabama and New Mexico have at least introduced bills regarding data security and notification, South Dakota has yet to do so. Another issue comes from the fact that these laws are state-exclusive with no unifying standards. Therefore, the laws could be very different from state-to-state. For example, New York?s law demands that notification of a breach should be given as soon as possible and without any unreasonable delay. Wyoming?s laws, on the other hand, require that notice of the breach be reported within a reasonable amount of time that does not exceed 45 days after the company is made aware of the breach. Florida requires notification within 30 days. These notification deadlines aren?t necessarily steadfast, either. Did you notice how each of them allows companies to delay notification if there is a valid cause? Depending on the state, there may be various reasons for delay in notification. For example, criminal investigations and national security are both perfectly valid reasons to keep a notification of a breach delayed. Federal LawsWhile there is no data breach law on the federal level, there are various industry-specific regulations. For example, there is the Health Insurance Portability and Accountability Act (HIPAA) and the Gramm-Leach-Bliley Act (GLBA), both of which have specific data breach policies enforced by the federal government. Unfortunately, there is no federal law which spans a general data security policy, so states will be dealing with these issues in their own ways. Due to Equifax being a financial institution, it?s expected to hold fast to the standards put into place by the GLBA. Since the GLBA doesn?t have a deadline to inform affected users, Equifax technically adhered to the regulations. In the eyes of the law, they did nothing wrong–even if they should have been morally obligated to inform users as soon as possible. Even though there are different notification laws for each state, there are other aspects of data security laws that vary based on both the industry and the state vs federal level. Every state has different policies regarding who the laws […]