Category: Articles

Technologies that Small Businesses Should Be Using

As time passes and technology is developed, a lot of the processes that businesses rely on become more efficient and stand to deliver greater benefits to the organizations that use them. These benefits are accessible to businesses of all sizes, including small businesses. Let’s go over a few small business needs, and how technology can assist with them.

Communication

The capability to share information and collaborate with others is crucial to a business’ processes and its overall success. Reflecting on this, it only makes sense that there are more solutions available to small businesses that ever before with this exact goal to motivate them:

  • VoIP – As an alternative, cost-effective means of telephony, a Voice over Internet Protocol solution can provide a business with top-tier phone services and features that promote both client contact and internal networking.
  • Messaging – From email to short-form communication methods (like instant messages), messaging solutions are the cornerstone of a business’ capability to interact both within itself and with external parties.
  • Cloud collaboration – As just one of many applications that cloud technology can be used for, sharing documents and working cooperatively on them is another important facet of a business’ communications.

Security

All aspects of a business’ security, from data protection to infrastructural resilience to unwanted access, are as important to companies and organizations as they ever have been. In order to resist the growing number of threats out there, more means of maintaining this security are now available:

  • Access management – Applicable to both your information and your infrastructure, restricting access to resources is one of the central goals of any business’ security strategy. With assorted solutions to see to both, small businesses aren’t left vulnerable due to their size.
  • Password management – If users are being appropriately diligent in their password hygiene, they will have a great variety that they are supposed to remember. This can be difficult (which in of itself discourages poor password hygiene) but using a password management solution can help alleviate this difficulty.
  • Firewall and antivirus – Why worry about a huge percentage of the threats out there if there are solutions that can be implemented and prevent them? Putting these measures in place and maintaining them over time can eliminate a great many of these threats.

Productivity

As the underlying goal of anything a business does, it may be assumed that any modern solution is (at least indirectly) meant to enable a team to be more productive. However, this standard is much more apparent in some solutions, as compared to others:

  • Cloud storage and applications – Returning to the cloud, cloud solutions are available to give your employees access to the data and tools they will need to work productively, even as a part of a remote workforce strategy.
  • Remote access – If you prefer to keep your resources on-site to monitor them more closely, remote access tools can still give your team the ability to work productively from home if need be, from a variety of devices.
  • Automation – It stands to reason that the fewer steps to a process an employee must worry about, the faster they will be able to accomplish their responsibilities. Automating parts of your processes can help boost efficiency while reducing human error.
Visit Our Store

Cyberespionage Is Every Business’s Concern

Cyberespionage sounds like the stuff of movies and techno-thriller novels. Hackers with almost magical abilities break into the databases of governments and multinational corporations. They discover secrets that could threaten the world. Explosions and chaos will soon follow.

In the real world, online espionage is more mundane and less exciting, but it’s still dangerous. Big enterprises are the most lucrative targets, but small and medium businesses are far from safe. Criminals think they’re easier targets because they can’t afford elaborate security protection (or believe they can’t). They’re often right.

Anyone holding confidential information is at risk. It has value to identity thieves, competitors, protesters, job recruiters, and politicians. Some of them would never stoop to stealing information themselves but are happy not to ask questions if it happens to become available. A strong security defense is vital if you want to avoid theft of your company’s confidential information.

What online spies are after

Cyberespionage goes after whatever information is valuable. Sometimes the spies want it for their own use, but more after they expect to sell it. Crime has its specialists, and networks exist for black markets. The thieves don’t care much about where they get the information, just about how much they can get for it.

These are a few samples of what criminals like to grab from business servers and networks:

  • Information on top management. What are their plans? Where do they think the markets are going? Should investors buy or sell their stock?
  • Account access. Getting into servers and databases is the first step toward grabbing vast amounts of information or installing malware. The techniques include password guessing, exploiting application vulnerabilities, privilege escalation, and luring people to fake login pages.
  • Trade secrets. Any employee might have access to valuable inside information. Intercepting email or other communications lets a thief get a steady stream of data. Badly configured Wi-Fi networks make it easy for someone nearby to snoop. Unauthorized access to servers can yield whole documents full of information that competitors would love.
  • Supplier information. Where a company gets its supplies and materials and what it pays is valuable information to competing suppliers. It also helps someone whose aim is to disrupt the supply chain.
  • Information on employees. Recruiters would love to know how much employees are making, whether they show signs of dissatisfaction, and what their promotion record is. Negative information such as reprimands is also useful to recruiters.
  • Damage to reputation. Someone who doesn’t like a business might pay for information that makes it look bad. A more direct form of damage is to publish confidential information for everyone to see, killing trust in the company’s data privacy.

Types of threats

Spies use whatever methods will work best, and they constantly change their approach to stay ahead of system defenses. Several kinds of attacks remain perennially popular, though.

  • Targeted phishing. It’s called “whaling” or “spearphishing.” Carefully crafted email messages trick executives into disclosing valuable secrets. Those messages are the result of careful profiling and research, so they look as if they come from a trusted employee or colleague.
  • Password acquisition. The techniques for grabbing passwords and breaking into accounts include brute-force guessing, luring employees to fake login pages, and finding poorly protected information that contains passwords.
  • Advanced persistent threats (APT). That’s security jargon for malware which gets onto a server and stays unnoticed for weeks or months. It steadily gathers information and sends it to the thief’s server. It works slowly enough that there isn’t an obvious burst of unexplained activity.
  • Exploitation of software vulnerabilities. Old software that hasn’t been patched in a long time has known vulnerabilities. An outsider can exploit them to deliver malware or gain access to files.

Information worth stealing isn’t just on servers. Mobile devices and desktop computers are favorite targets. They usually aren’t as well protected, and keeping their software up to date is a lower priority. Data on mobile devices can be stolen the old-fashioned way: by grabbing and running. If they aren’t encrypted, they could have a wealth of data ready for the taking.

Wi-Fi access points that aren’t properly configured are vulnerable points. A spy just has to bring a device somewhere close by and intercept the traffic. They provide a way to get past firewalls and reach internal services.

In brief, there are many ways to separate information from its owners. Protecting it is a complicated matter.

How to stay safe

It’s been said many times: There’s no such thing as absolute security on the Internet. There are, however, always ways to make systems safer. How much security you need depends on the nature of your business and the potential consequences of successful cyberespionage.

The first step toward better data protection is to conduct a risk assessment. You need to determine what needs protection the most and what kinds of threats it faces. Based on that information, you can allocate resources where they will do the most good. Weaknesses that are harder to exploit or can’t cause as much damage shouldn’t be ignored, but their priority is lower.

Education and training are vital. Employees who are aware of phishing tricks, don’t leave data in unprotected places, and use strong passwords will keep the data they handle safe. Periodic reviews and assessments will keep them from forgetting.

Well-planned access control will limit the chances for unauthorized acquisition of data. Employees should have the privileges they need but no more. If an account is compromised, limiting its access will reduce the amount of harm that can result.

Offsite access should always be by secure connections. A VPN for telecommuters and off-site workers lets them connect to company systems as securely as if they were at the office.

Firewalls and anti-malware software keep hostile queries from getting through to applications, and they stop attempts to deposit malicious software on machines. It’s not enough just to install a firewall; it needs to be configured to suit the company’s security profile. Security software needs regular updates.

Many companies have limited IT resources and can’t afford full-time security specialists. Managed services are an alternative that gives access to expertise without having to pay an expert’s salary. White Mountain IT offers managed services and security audits to make your business’s data networks safer from cyberespionage and other threats. We’ll review your security situation and recommend actions that will provide the greatest benefit for the money. Contact White Mountain IT Services today for the best IT support in New Hampshire.

Visit Our Store

Tip of the Week: Monitor Your Hardware While Out of the Office

Businesses are just now starting to reopen as stay-at-home orders are lapsing or going to lapse. For many of those businesses, remote solutions have got them through this ordeal and for many others they continue to deploy a remote workforce. For companies still promoting telework, monitoring your local IT environment is something that you need a solution for. For this week’s tip, we’ll discuss some of the best practices you can use to monitor your IT while out of the office.

Getting a Hold on IT Infrastructure Monitoring

Infrastructure monitoring covers quite a few critical business considerations. They include the physical condition of your infrastructure, how your software is being utilized, and how much of your bandwidth is being consumed. It also encompasses how well your systems are performing.

Of course, hardware failures are the priority as they can have a major impact on your business. Teleworkers often need access to centrally-stored data and if something were to happen to the systems, productivity has the chance to grind to a complete halt. In order to avoid this situation, it’s important that you deploy the right infrastructure monitoring platform and have the right practices in place to mitigate potential interruptions.

How to Make the Most of Infrastructure Monitoring

Today, we’ve assembled a couple important considerations about infrastructure monitoring. Let’s take a look:

Identify the Most Crucial Parts of Your Infrastructure

There are parts of your IT infrastructure that are more important than others, especially if you are looking to support a remote workforce. Since your staff probably relies on nearly every piece of your IT, however, you need to identify which part of your IT gets the most attention, and then ensure each subsequent part is monitored properly. You’ll also want to consider adding backups of your climate control systems to take over if your primary ones should fail. You’ll also want systems in place that will allow technicians to reboot unresponsive systems remotely to ensure that they remain accessible for your remote team.

Ensure Your Alerts Are Routed Properly.

You will want to ensure that if something were to go wrong that the detection system contacts the person that will be able to fix it properly. Make sure that whomever is supposed to be contacted when something goes haywire, is the one being contacted. This will typically speed up the remediation process.

Check In Periodically

Have a technician routinely go to the office and check around your infrastructure for both issues with your infrastructure and with your monitoring system. This means checking connections, sensors and other tools used for successful reporting.

Visit Our Store

The Importance of Secure Conferencing

Conferencing has been an important tool for businesses as stay-at-home orders have moved their operations out of the office and into worker’s homes. While there are dozens of video conferencing solutions on the market, businesses should consider security just as much as they consider functionality. Today, we’ll take a look at security for your company’s conferencing solutions.

What’s So Important About Having a Secure Conferencing Solution?

In the spirit of security that should surround your information technology, it is important to understand where the threats to your business come from. When looking at your conferencing solution, you should know that webcams and other IoT video devices, that make the conferencing solution what it is, are known to be some of the most targeted solutions by cybercriminals. In order to trust that your staff is working to keep your central IT secure and working as intended, there needs to be some diligence in choosing the right technology and practices to use to keep your business safe.

More people than ever are utilizing these solutions, as well, and some are more secure than others. Since so many people are using these applications, it becomes extremely important to do what you can to promote solid security practices. Today, we’ve outlined four.

They include:

Develop Solid Policies

An organization’s conferencing policy is similar to their BYOD (Bring Your Own Device) policy. It’s important for your staff to understand the role they play in maintaining your business’ network security. This goes double for businesses that have to deal with sensitive information such as health or financial data.

Here are some guidelines to consider implementing:

  • Users need permission from all attendees in order to record a meeting.
  • Personal devices should not be used to record meetings.
  • Confidential or sensitive information should not come into view during the meeting unless it is expressly relevant or requested by meeting attendees.
  • All cameras and microphones should be disconnected when not in use.
  • If sensitive information is to be shared, it should be done so securely and not in group meetings.

Use Encryption

To ensure that data is shared securely, you will want your video conferencing software and your hardware to both have 128-bit AES encryption installed. Not only will this work to protect sensitive data, it will deliver peace of mind that any data that is sent will get to its destination without issue.

Authentication and Control

A lot of today’s most utilized conferencing apps have single-login authentication. Sign-in strategies such as single sign-on (SSO) are great because they allow administrators to simply control the secure authorization of users. To enhance control, however, you will want to set up a domain-based security system that will more effectively allow administrators to set permissions and monitor access. This will go a long way toward securing your SSO-based authentication strategy.

Update Your System

Like any other piece of software, your conferencing applications have to be updated and patched in order to avoid being vulnerable to outside threats. Since it is an Internet-facing system, you need to ensure that any conferencing app that is routinely used is up to date and managed properly.

For the time being, we’re all going to be relying on our conferencing solutions. To learn more about conferencing, or to talk to one of our experts about keeping your systems secure, call White Mountain IT Services today at 603-889-0800.

Visit Our Store

The Cloud Is Coming of Age

For the past decade, cloud computing has grown fairly rapidly, but as a new decade, and a pesky virus has people (and businesses) leaning on hosted computing solutions more now than ever, it seems like a good time to review the types of cloud options that are available, and how they provide value to businesses just like yours.

What Is the Cloud?

Most people today use cloud services, but they may not completely understand what the cloud is. Essentially, the cloud is computing that is hosted on what is effectively rented hardware. Anything you can do with your onsite IT, you can pretty much do with cloud computing resources. Cloud options are typically managed and maintained by the provider while also being made available for a static monthly rate. Software-as-a-Service (SaaS), the leading cloud service is often priced per user, while Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS) platforms are billed per gigabyte.

The benefit of cloud computing is that businesses and individuals can get high-tech tools through cloud providers at a fraction of the cost than they would pay to set up their own private cloud platform with the applicable licenses and the hosting and management of that hardware. This provides the opportunity to fit the solutions to your business without taking on the often hefty expenses associated with implementing new information systems.

Cloud Options

As stated above there are options for most parts of your business, including:

Hardware

For the business that needs extra computing resources for specific applications or for application development, the cloud is a good resource. Moreover, many businesses have chosen to virtualize their local resources and run their systems in virtualized environments, allowing them to maximize their investment into their hardware systems.

Software

This covers a lot of ground. Let’s look at some of the most popular options:

  • Line of Business – Many businesses have chosen to host their line of business software in the cloud. While they lose control over the management of the software, they do pick up some serious benefits including anywhere/anytime access to the software with an Internet connection and cost stabilization provided by the hosted environment.
  • Productivity – Today there are numerous software titles developed just for productivity. Titles like Microsoft Office 365 and Google’s G Suite are two of the most utilized cloud productivity options. They provide the software needed to be productive with integrations designed to enhance collaboration.
  • Communication – Solutions like Hosted VoIP have revolutionized business communications, providing businesses with the telephone system and conferencing features they need to connect remote and in-house teams, alike.
  • Security – Today, there are many network security tools available through the cloud. Not only does this reduce the management costs a business is responsible for, it also ensures that, since it is delivered as a service, that it gets the coverage it needs to keep their business secure.

The cloud has also made the Internet of Things relevant. Businesses of all types, and individuals, use a litany of smart devices and “things”. In fact, today there are dozens of different cloud-based platforms available through your pick of reliable cloud hosting services.

To get more information about how cloud computing can help you build a more productive and efficient business call the IT experts at White Mountain IT Services today at 603-889-0800.

Visit Our Store

10 most important cloud vendors

Hybrid cloud is growing in the enterprise, and these 15 vendors are leading the charge.

As more and more companies move to the cloud, the all-or-nothing decision whether to choose between a fully private or fully public cloud strategy is increasingly being replaced by the flexibility of a hybrid cloud solution.

But how does an organization determine which cloud vendor to go with on its journey to the hybrid cloud? Based on past and current investigation by Tech Pro Research, and anecdotal evidence, we have compiled a list of the top vendors involved in hybrid cloud deployments.

Very few vendors actually provide a full end-to-end hybrid cloud solution. However, many offer critical pieces of the full solution that make them powerhouses in hybrid cloud. Here are the top vendors in this space.

Amazon
Amazon’s Amazon Web Services (AWS) division is, hands down, the juggernaut of the public cloud space. The massive number of customers on Amazon’s platform, and the range of tools and features available, makes it one of the top contenders in the cloud space.

AWS is known as a public cloud solution, and does not provide all the required components for a full private cloud implementation. However, Amazon does offer integrated networking via the Amazon Virtual Private Cloud (Amazon VPC) and, via a group of partners, Direct Connect as part of its solution.

Other Amazon partners provide backup and private storage, data integration, security and configuration management. Combining AWS capabilities with those of partners like NetApp, F5, Splunk, Trend Micro, and Chef makes for a top-end hybrid cloud deployment.

Google
Google competes primarily with AWS and Microsoft Azure in the public cloud space, with its Google Cloud Platform. Like AWS, Google relies on a deep partner network to help fill out its hybrid cloud solution, but the size and customer base of Google Cloud Platform earned it a top spot on this list.

With its background in data, Google tools like BigQuery are useful additions for the data-savvy ops team. And, given that Google shares many of the same partners that AWS utilizes in its hybrid cloud, users can expect similar types of integrations to be available.

Rackspace
Rackspace is another hybrid cloud vendor that works with a host of other vendors and products. Known for its focus on infrastructure, Rackspace offers dedicated database and application servers, and dedicated firewalls for added security.

Rackspace’s hybrid cloud solution is held together by RackConnect, which essentially links an organization’s public and private clouds. While it does offer VPN bursting and dedicated load balancing, Rackspace’s catalog of additional tools and applications isn’t as comprehensive as some of the competition.

Microsoft
Microsoft is one of the few vendors to offer a true hybrid cloud solution. There are three core products: Azure, Windows Server, and Microsoft System Center. The company has proven itself as an on-premises provider, and its reputation is growing as a public cloud provider as well.

Another big reason Microsoft takes the crown as the top hybrid cloud vendor is its flexibility and integration with existing product lines. The Windows Azure Pack covers most of the bases regarding IaaS, DBaaS, and PaaS. Microsoft shops will especially make use of the management capabilities of SQL Server as well.

IBM
IBM’s Bluemix hybrid cloud is a valuable option, thanks to its open architecture, focus on developer and operations access, and catalog of tools available through the public cloud. Organizations looking to more effectively leverage data will find Watson and the IoT tools especially helpful.

Using a product called Relay, IBM is able to make your private cloud and public cloud look similar, increasing transparency and helping with DevOps efforts. The company’s admin console and syndicated catalog are also helpful in working between public and private clouds.

VMware
VMware is still relatively new to the cloud space, but its depth of experience with virtualization and vendor-agnostic approach make it a fierce competitor. VMware’s approach to hybrid cloud is almost the opposite of AWS’s, in that it’s known for its private cloud products and utilizes a network of partners to deploy a fully hybrid solution.

The private cloud portion is powered by VMware’s vSphere. The ‘public’ aspect of VMware’s hybrid solution is vCloud Air — made available through the vCloud Air ecosystem of 4,000+ partners, with companies like CenturyLink and Claranet leading the charge.

HP
Toward the end of 2015, HP made a major announcement that it was throttling back on public cloud and instead focusing on hybrid cloud offerings. HP’s Helion offering is focused on what it calls the Right Mix, where businesses can choose how much of their hybrid strategy will be public and how much will be private.

HP’s private cloud solutions have a strong basis in open technologies, including major support for OpenStack. However, the company also leverages its partnerships with AWS and Microsoft Azure, among others, to provide some of the public cloud aspects of its hybrid cloud offering.

EMC
EMC’s hybrid cloud got a major boost in mid-2015 when the company acquired cloud management company Virtustream for $1.2 billion. EMC’s strength in hyperconvergence and plethora of storage options make it a good vendor for operations-heavy organizations who like to play a part in building out their own solutions.

In terms of hyperconvergence, EMC has made many strides in the hardware space with its hardware solutions such as the VCE VxRack, VxBlock, and VBlock solutions. The company also offers a ton of security options, but still relies on partners to provide the public cloud end of the deal.

Verizon Enterprise
What many in IT don’t realize is that most of the major telecom providers have cloud offerings of their own. Verizon Enterprise, the business division of Verizon, offers three customizable cloud models including a hybrid solution.

Verizon Enterprise has a strong product in terms of disaster recovery and cloud backup. It also has a cloud marketplace and offers authorized Oracle integrations on Verizon cloud deployments.

Fujitsu
Fujitsu is another hybrid cloud provider built on another vendor’s offering — in this case Microsoft Azure. Fujitsu Hybrid Cloud Services (FHCS) are a combination of Fujitsu’s Public S5 cloud, running on Azure, and a private cloud, which is powered by Microsoft Hyper-V and can be deployed client side or in a Fujitsu data center.

The offering provide standard tools like workload bursting, as well as the ability to split a workload by geography.

CenturyLink
CenturyLink is another telecom company that provides cloud services. The company advertises its service as a public cloud that is ‘hybrid-ready’.

Since it basically only provides the public cloud portion of a hybrid cloud deployment, CenturyLink is focused heavily on integrating with existing systems. Automation and containerization tools make it a good fit for shops that are exploring DevOps.

Visit Our Store

7 Characteristics of Successful IT Professionals

Knowing technology is an essential first step to a career in IT, but to truly excel, it helps to build these seven personality traits into how you approach the industry and plot your path through it. A successful IT professional generally.

 

Characteristic One – Has a passion for technology and problem solving.  A born IT pro is in love with tech, both past and present – drooling over the latest in everything while feeling a pang of nostalgia at the sight of a zip disc drive. To a techie, a malfunction isn’t a headache; it’s a chance to shine.

Characteristic Two – Knows data and how to manage it.  While to ordinary people, the size of the files they juggle and the speed at which they navigate the Internet may be somewhat mysterious, to techies, it’s as basic as knowing your way around your own neighborhood.

Characteristic Three – Is versatile.  A successful IT pro surely has a niche. But just as all Marines are riflemen, all IT pros are tech support. They may specialize in cloud security, or big data management, or website design, but in a pinch they can tackle any tech problem.

Characteristic Four – Sees how tech and lines of business intersect.  The concept of a techie unaware of the value of what he or she does is as dated as Jimmy Fallon’s SNL character “Nick Burns, Your Company’s Computer Guy.” Today’s IT pro is as comfortable in the boardroom as the server room.

Characteristic Five – Can describe tech concepts in general terms.  No question IT professionals speak in their own language, but successful ones can slow down and explain a problem and its solution in terms anyone can understand – and even get excited about doing so.

Characteristic Six – Never stops learning, certifying and imparting knowledge.  Successful IT pros establish a solid foundation for their IT knowledge with certifications like CompTIA A+, and then spend a lifetime building on that knowledge and sharing it with others – perhaps even teaching it.

Characteristic Seven – Stresses security and good housekeeping.  IT pros don’t just want to take a byte out of cybercrime, they want to devour it entirely. That’s why they stress discipline. A successful IT pro knows the first line of defense in keeping his or her company secure and efficient is guarding against human error.

Visit Our Store

Hackers take over Chromecasts

A couple of dutiful hackers have been hijacking thousands of Google’s Chromecast streaming dongles to warn users that the devices can be taken over, and remotely forced to play any YouTube video the attackers’ choose  https://thenextweb.com/plugged/2019/01/03/hackers-take-over-chromecasts-to-warn-owners-about-security-risks/

Visit Our Store