Recent Blog Posts

If you don?t have an answer ready, you need to fix that. Employee Privacy Isn?t Something to Take for Granted? ?and there?s legal precedent to prove it. In Pennsylvania, the state?s Supreme Court ruled as much in Dittman v. UPMC, a class-action suit that was filed after the University of Pittsburgh Medical Center and UPMC McKeesport had data stolen after hackers accessed the medical center?s systems and stole a considerable chunk of data. This data involved personally identifiable information and financial details, and so the case was ruled in favor of the plaintiffs?the employees who had their data stolen. According to the employees? case, the hackers used the data to illegally file tax returns, costing the Internal Revenue Service a significant sum. As a result, the Pennsylvania Supreme Court established that ?an employer has a legal duty to exercise reasonable care to safeguard its employees’ sensitive personal information stored by the employer on an internet-accessible computer system.? On a national scale, employees also have their privacy protected by the tenets of the Privacy Act of 1974. Of course, we are not legal professionals, so none of this should be construed as legal advice. However, it is important to know that you are responsible for protecting the personal and private data that your employees have entrusted to you. So, how can you do that? Essential Steps to Protecting an Employee?s Privacy Fortunately, protecting an employee?s privacy is a task that can be accomplished (or at the very least, supported) with a few technologies and policies that we regularly endorse: Private Wi-Fi Connections If your business isn?t utilizing a secured, private Wi-Fi signal, you?re effectively inviting threats in. This kind of vulnerability could enable access to any device that connects to the wireless signal, potentially putting your data?including that which pertains to your employees?at risk. Securing your Wi-Fi signal and keeping it private helps to deter all kinds of threats to some degree. Internet Filtering While all of these safeguards ultimately help protect your business as well as its employees, this one, in particular, can help keep threats off your network by preventing your employees from visiting the sites that are likely to spread them. As an added bonus, you can filter out websites that would primarily be a waste of a team member?s time to visit. Virtual Private Network Use A VPN is a great way to keep a potential cybercriminal from accessing any data you?re sharing over the Internet by hiding it in a layer of encryption. However, it also helps to shield a remote employee?s identity and location, boosting their privacy as a result. Device Protections Many threats that could potentially steal an employee?s information can be prevented through some basic safeguards, like antivirus protection and spam blocking. Ensuring these defenses are installed, activated, and maintained on any device used for work should be a top priority. Access Controls Here?s the thing?the less able someone other than an employee with permissions is to access certain network resources, the less you have to worry that someone else can access data they shouldn?t. Two-factor/multi-factor authentication (2FA/MFA) is a good option to help do so. You Also Need to Respect an Employee?s Privacy, As Well Finally, it?s important that we touch on the fact that, despite the employer having the advantage insofar […]

The Cloud Improves Accessibility Perhaps the biggest benefit that comes from using the cloud is that data and the applications using said data are much more accessible. Since it?s all stored on the Internet, it can be accessed at a moment?s notice, empowering your team to get work done when and how they want, be it remotely or in-house, on company devices or personal devices. This type of accessibility prevents your data from being spread out across countless devices, as it will be warehoused in one location and accessed through one portal. The Cloud Allows for Scalability Adding or removing licenses can be difficult for businesses with large workforces, especially when the software has to be downloaded and installed on new workstations. The cloud gives you more control over these licenses by allowing you to pay for services on a subscription basis, meaning all you do is create an account for each user you need, then they have access to the solution. Essentially, since the service is in the cloud (on the Internet), you don?t have to worry about installing it on each device?you just give the credentials to the user, who then has access to it through the Internet. This scalability gives you a lot of cost-cutting control. The Cloud Improves Flexibility Employees are more productive when they can access data on their preferred devices, be it a laptop, smartphone, their at-home desktop, etc. When employees use cloud solutions, they can effectively access data on the devices they are most comfortable using, meaning they are not pigeon-holed into using the technology you assign them to get work done. This flexibility gives your team the ability to get work done on their own terms and can be incredibly empowering for some. If your business is ready to start implementing cloud solutions to reduce its overhead and improve its bottom line, White Mountain IT Services can help. Chances are that if you think of it, the cloud can help you with just about any aspect of running your business. We recommend that you go through a comprehensive infrastructure audit to see where the cloud can help you cut costs and improve operations. You might be surprised at what you find with such an audit! Our trusted technicians can go through your IT infrastructure and find ways to save with the cloud. To learn more, reach out to us at (603) 889-0800.

The Provider is the One Who Determines How Secure Cloud Storage Is At the end of the day, the cloud provider is the one who will be responsible for maintaining the security of your data. The cloud is just the infrastructure you use to remotely access the resources. Basically, you are borrowing someone else?s server for your needs. As a result, your data relies on whatever protections the cloud provider has in place (or unfortunately doesn’t). If your cloud provider is trustworthy, they will secure your data through a variety of security methods and safeguards, like access controls, encryption, data redundancy, and cloud monitoring. Furthermore, they will test it all on a regular basis to ensure that it all works the way it?s supposed to. Plus, your cloud provider will be focused on the safety of their own infrastructure by locking down servers that house their data and securing them as best as possible. On Top of This, Your Data Needs to Be Available After all of this is taken care of by the cloud provider, it?s important to keep accessibility in mind. If you can?t access your data, then it may as well not even exist. Therefore, a cloud provider should be able to guarantee a certain level of uptime. No matter the circumstances, you need to find a cloud provider who can ensure your data is accessible, and they should have contingencies in place to make sure of this. Having Said This, Most Cloud Security Issues Come from the Client?s Side Most cloud security problems do not come from the providers themselves; rather, they come from the user. Here are just a few examples of how this might happen: Shadow IT, as your users store your data on an unapproved service or platform Files being shared inappropriately  Cloud resources being accessible through Insecure passwords Users inadvertently deleting data Cloud resources being accessed using Insecure devices All things considered, the cloud is remarkably secure, as long as you are sure to address problems like user behavior and management. White Mountain IT Services can help ensure your staff know how to properly utilize your business? solutions, the cloud included. To learn more, reach out to us at (603) 889-0800.

Let?s begin by establishing the real definitions of ?data breach? and ?security incident.? What is a ?Data Breach?? In no uncertain terms, a breach happens when some of your business? data is somehow accessed by someone outside of your organization through their own specific efforts to do so, Trend Micro defines it as ?an incident wherein information is stolen or taken from a system without the knowledge or authorization of the system’s owner.? Basically, a breach is when a business? stored data is accessed by an unauthorized user?which means that, technically speaking, a data breach isn?t an inherently malicious thing. What is a ?Security Incident?? A security incident is the term given to any violation of established security policies regarding a business? technology, at any scale. Again, a security incident isn?t inherently malicious, but should still be seen as a potential threat to an organization?s security and compliance. As a blanket term, ?security incident? covers a wide range of circumstances, including: Malware infection Spam hitting an inbox Physical access to IT equipment and infrastructure A Distributed Denial of Service (DDoS) attack Portable storage being misused A brute force attack enabling network access ?I think you get the picture. Security incidents are commonly delineated by their severity: how serious the incident is, and how much of a company?s collective attention will need to be paid to resolve them. Serious incidents?things like data breaches, DDoS (Distributed Denial of Service) attacks, and advanced persistent threats (APTs)?are all high-priority security incidents, whereas things like a malware infection or someone accessing data without authorization would be considered of medium priority. Low-priority incidents would be things like false alarms. Isn?t This Just a Difference in Semantics? Technically speaking, yes? however, it is an important difference to stay cognizant of. After all, clarity is going to be important if you do face a security incident as to what kind of incident it is, and what needs to be done to resolve it. Encouraging your team members to familiarize themselves with the various warning signs that something is wrong gives you an increased chance of someone spotting an issue. In turn, this gives you the opportunity to catch and resolve a threat before it materializes into a real security incident?breach or otherwise. We Can Help You Prevent Threats from Getting That Far User awareness is a key component of any business? security, for certain, but the trick is that it is only one component of it? one of many. White Mountain IT Services is here to help you attend to the rest of them. Give us a call at (603) 889-0800 to find out more about the security services we offer.

Let?s consider this disconnect, and what might be done as a leader to help reconnect any employees who have these feelings. How Has Remote Work Divided Us? There is a phenomenon in human nature that is frequently seen in business operations, whether they are carried out remotely or in-person. Human beings are instinctively tribal creatures, so we tend to gravitate toward those with whom we share space. This happens a lot within hobbies or belief systems, but one place that it has been seen a lot in recent months is within workplace departments. Microsoft Provides a Perfect Example of This A study, published in Nature Human Behavior, analyzed how 61,000 Microsoft employees would communicate with each other from December of 2019 until June 2020?collecting data from before and after the company’s transition to fully remote work on March 5, 2020. Before this point, about 18 percent of the company’s staff operated remotely.  By aggregating the anonymous data collected from the instant messages, emails, calls, meetings, and the total number of hours worked each week, the study revealed a key pattern. While more time was spent communicating by teams, these communications were primarily within the different teams at the company. On average, 25 percent less time was spent on communications across department lines. Remote work also saw fewer people collaborating with new contacts in the organization. You may have observed similar trends occurring in your own organization during remote work. What Can Be Done About Departmental Silos? There are a few different strategies that can be used to prevent your different departments from eschewing communications with one another. Keep Remote Workers Connected When someone is working remotely, feelings of isolation and disconnect are all too easy to develop. Take the initiative to reach out and maintain their connection to the group as a whole, not just their department or role. Involve More People Another effective way to help stave off remote isolation is by contextualizing an employee’s work on an organization-wide scale. Give each employee a view of their spot in the overall workforce so they can see how their contributions impact everyone else. Push For Outreach Finally, it is important that your team members have the freedom to have the off-topic conversations that lead to improved teamwork. Encourage your employees to talk about shared interests throughout the workday (emphasizing the importance of moderation, of course) and set aside some time for some casual teambuilding. What was once effortless in the office will take some effort with remote team members. We can help by outfitting your team with the communication and collaboration tools they’ll need for both work purposes and interpersonal development. Find out more about what we can offer you by calling (603) 889-0800.