Recent Blog Posts

Why is Risk Management Crucial to Your Cybersecurity? In a word, preparedness? but a strategic approach to it. Let me ask you this: if your business was located in the middle of the Sahara Desert, would you be terribly concerned about a snowstorm interrupting your processes? Of course not, so you certainly wouldn?t prioritize any efforts that were specifically intended to fight a snowstorm?you wouldn?t keep a supply of snow shovels to clear off the roof, for instance. Risk management is the practical approach behind this extreme example, and when applied to your cybersecurity, it is based on the unique balance of cybersecurity risks that your business exhibits. By developing a cybersecurity risk management plan, you are able to adjust your approach to match this balance. How to Fulfill Cybersecurity Risk Management Generally speaking, the process behind cybersecurity risk management is as follows: Identify Potential Threats First, consider your business? hardware infrastructure and the software that it hosts. Are there any known vulnerabilities that might affect it? What threats could potentially bypass your existing protections? Having a comprehensive list of these potential threats from the start will be crucial. Weigh Out Each Threat?s Potential Risk Once you?ve created your list of potential threats, you need to determine how likely each threat is to occur?and whether or not you can live with that likelihood. As you do so, you should keep the impact that each threat might have in mind. After conducting this impact analysis, you should have a tiered list of potential threats arranged by their risk. Establish a Response to Each Risk Level Using this list, you are ready to determine how each risk level should be approached. Generally speaking, there are four responses that you can take that are known as the four Ts of risk management: Tolerate – If you determine the risk is unlikely enough or not severe enough to address, you accept that you may encounter it. Treat – If the risk is sufficiently concerning, you put security measures in place to reduce its likelihood. Transfer – If there?s a risk that is beyond your capabilities to control, you involve other parties in the risk?outsourcing your protections, and/or taking out cybersecurity insurance. Terminate – If the risk is severe enough, you fully avoid it by altering the processes that create the risk, if not suspending them entirely. Continue to Monitor These Risks and Adjust as Appropriate After addressing your risks, based on the above responses, you should continue to keep an eye on them. Reexamine your potential threats every so often to see if your level of risk has changed and if you need to reconsider if your established response is still appropriate. With the threat landscape changing constantly, it?s almost guaranteed that your responses will have to change at some point. We Can Assist You with Your Cybersecurity Risk Management Remember the transfer option we reviewed above? White Mountain IT Services is one such party you can outsource some of your protections to. Our comprehensive cybersecurity measures can help to treat and terminate many of your largest business risks. Give us a call at (603) 889-0800 to start mitigating those things that threaten your business.

What Are Your Options? Nowadays, cloud computing has become reliable enough to do about any type of computing your company needs. With this fact, you now have to decide whether adding new hardware to your server stack is the best option; or, should you seriously consider deploying virtual environments through the cloud. Let?s go through some of the pros and cons of each. New Onsite Server Before we talk about some of the considerations that go into hardware purchases, let?s talk about some of the pros and cons of deploying onsite servers. The first, and probably the most important benefit of utilizing onsite hardware is that you have complete control over the infrastructure. Not only can you set it up the way you want, you maintain access and don?t necessarily need an Internet connection. This can be extremely beneficial if you house sensitive and proprietary data.  Since the business environment has changed substantially over the past several years one of the leading talking points in the discussion between cloud and on-site infrastructure is the question: who needs access to it? With a lot of people now being able to work remotely, they need access to company data. This creates two big issues: How do you get your new onsite server set up reliably and ready to work for your company? How do you get remote workers access to the data and applications they need on that server? These are important questions and ones that any business that decides they would like to get the benefits of hosting their own servers have to immediately confront. After all, if you don?t set your infrastructure up effectively, you will be constantly tinkering with your IT and it won?t bring your organization the value it should.  Cloud-Based Servers Over the past several years, cloud computing has become a mainstay for businesses of all types. Before that, enterprise businesses were the only ones that were able to take advantage of these hosted servers, as the costs associated with data transmission?the way many of these systems are charged?were seen as prohibitive to businesses and organizations with smaller technology budgets. Prices have dropped substantially and now, with the needs of many businesses including catering systems to remote workers, cloud servers are now one of the most utilized by all businesses. Obviously, if your servers are outsourced and hosted in a public cloud environment, you lose the capabilities to set up your machines. For most business purposes such as application deployment, communications, and collaboration, this doesn?t have the ?risks? it once did. Additionally, cloud-based infrastructure can always be scaled to the amount of computing and storage your business needs, putting an end to the constant hand-wringing over software licensing and storage costs.  What you will absolutely need to take full advantage of cloud-based servers is a reliable and fast Internet connection. This can be a sticking point, especially if your organization likes to use innovative new communications platforms hosted in the cloud. Your end-users may not always have access to the type of bandwidth needed to reliably take advantage of the cloud-based tools. As far as cost goes, the cloud-based infrastructure doesn?t demand that your organization make huge financial decisions with their IT infrastructure, but it does require that you pay the per GB or service subscription fees […]

What is Single Sign-On? Imagine that you use a single password or username to sign into multiple different accounts, not even those that are necessarily related. This is basically what single sign-on is. It is a centralized authentication platform where you use one set of credentials to access multiple applications or platforms. As explained by CSO, ?In the most common arrangement, the identity provider and service provider establish a trust relationship by exchanging digital certificates and metadata, and communicate with one another via open standards such as Security Assertion Markup Language (SAML), OAuth, or OpenID.? You log in once, and that login can be used to sign you into other accounts associated with that login. Think about it like this; rather than authenticate the user themselves, the application asks another application to authenticate the user for them, then allowing the user to access the application as if they had used a username or password pair in the normal way. Why Is Single Sign-On Useful? There are many reasons why single sign-on can be useful. Here are some of the following: Passwords are hard for employees: Employees who have to remember multiple complex passwords and usernames for various different accounts can often make mistakes or forget their passwords. Cloud sprawl is a very real thing: The more applications businesses implement, the more difficult it becomes to manage them all. SSO provides businesses with ways to authenticate users in a way that is beneficial for productivity and security. Easy IT management: IT administrators can more easily revoke privileges for accessing various services or applications, since there is only one pair of credentials associated with SSO. Isn?t That a Security Discrepancy? It?s easy to see how single sign-on could create a security issue if it is implemented incorrectly. After all, what happens when that one credential gets stolen by a hacker? In reality, SSO does the exact opposite. It reduces the attack surface considerably, and with fewer opportunities for employees to create insecure passwords, the likelihood of attacks falls somewhat. In short, SSO is more likely to help than it is to hinder your security. The biggest issue you are likely to encounter with single sign-on is adding new technologies or making adjustments to your IT infrastructure, as SSO implicitly ties together many different services. The biggest benefit you can expect from SSO is by far the improvements to productivity. Since users will be logging in fewer times throughout the day, they can instead focus on getting work done, meaning more opportunities to improve your bottom line. White Mountain IT Services can advise you on the appropriate way to secure your organization and potentially offer solutions for how to approach cloud sprawl. To learn more about what we can do for your organization, reach out to us at (603) 889-0800.

Why are Sticky Keys a Thing? Not everyone who uses a computer will have the same capabilities. There are a variety of reasons that someone may have a challenge using the device that others may not find to be an obstacle. More specifically to our discussion, there are a few reasons that people may have trouble pressing more than one key at once, like one has to do to capitalize a letter, for instance. Therefore, Sticky Keys allows a user to press a key?like Shift or Ctrl?to use it without needing to hold it to use it as part of a key combination. All you have to do to turn it on is press Shift five times in a row. However, what happens if you don?t want it activated, but you accidentally did so? Don?t worry?not only can you deactivate it again, you can also eliminate the shortcut that creates the problem. How to Turn Off Sticky Keys Fortunately, deactivating Sticky Keys is just as easy as it is to turn them on. All you have to do is press Shift five more times to turn them back off. Deactivating Sticky Keys Entirely If you want to just get rid of Sticky Keys outright, there are a few processes to follow. In Windows 10: Either press the Windows logo key or click the Windows icon in the Taskbar. Type ?Ease of Access? and select Ease of Access keyboard settings from the search results Find the Use Sticky Keys section and toggle the switch to off. You should also uncheck Allow the shortcut to start Sticky Keys to stop them from reactivating. In Windows 11: Either press the Windows logo key or click the Windows icon in the Taskbar. Type ?Accessibility? and select Accessibility keyboard settings from the search results. Toggle the switch next to Sticky Keys to off, and click into Sticky Keys. Toggle the switch next to Keyboard shortcut for Sticky Keys to off. That?s it. You won?t need to worry about Sticky Keys getting in your way after this. If you know someone who struggles with Sticky Keys, share this information with them?they?ll be sure to appreciate it. Make sure you also stop back here for more handy IT tips!