Appalachia Technologies Blog

Appalachia Technologies team is comprised of a diverse mix of IT professionals, some of whom have been on the forefront of IT since the industry’s inception. Through the years, our team has developed a wide array of experience in understanding individual needs and how they relate to your business.

What is MDM - Mobile Device Management?

What is MDM?

MDMMobile Device Management is software that allows companies to administrate mobile devices like smartphones or tablets. Many people are familiar with desktop PCs connected to a local domain. MDM is based on a similar idea, but MDM allows settings, apps, and content to be managed across different operating systems (like iOS or Android) and devices do not need to be connected to a local domain controller. Essentially, it allows companies to manage phones and tablets no matter where those devices are located.

0 Comments
Continue reading

Top 5 Security Assessment Findings

Top 5 Security Assessment Findings narrow smallest

Even organizations with solid cybersecurity programs will have findings from a security assessment.  After all, cyber attacks and attackers continue to learn and evolve, always trying to be one step ahead of their prospects.  Through our years of performing security assessments, here are the Top 5 areas that we have found to need remediation work post-assessment.

0 Comments
Continue reading

Ransomware: The ASCII Group Insight

ASCII Blog header v2

Appalachia is proud to be a member of The ASCII Group, a community for managed services providers, IT service providers, and managed security service providers.  Recently Jason McNew, Senior Engineer, Cybersecurity Risk & Compliance, was invited to contribute his experience and knowledge of ransomware, along with a few select members to help the ASCII community.

0 Comments
Continue reading

Adapting - How COVID Affected the Way We Work

Adapting...with a smile!

It’s early March 2020, and seemingly out of the blue, our personal and professional lives began to feel the subtle, and not-so-subtle effects, of COVID. Our personal lives aside and from a professional lens...things certainly looked and felt different. Nineteen months later, we’ve adapted, but we continue to feel the impact. Is this the new lens through which we’ll view our professional worlds? Time will tell, but the business lessons we’ve learned are more important than ever.

I’d like to take a minute and share the effects COVID has had on Appalachia Technologies...and how we continue to persevere and get better despite it!

0 Comments
Continue reading

SPRS Pt 2 - How to Enter an SPRS Score

In a previous blog post, we discussed how to calculate your SPRS (Supplier Performance Risk System) score in support of your CMMC (Cybersecurity Maturity Model Certification) efforts.  In that same blog, we also provided a free tool to help you calculate your SPRS score automatically.

In this follow-on blog, we’ll talk about how to provide your SPRS score to the DoD, which is a whole other chore once you’ve actually determined what your score is.  In order to access the part of the SPRS website where your score is uploaded, we first need a CAC (Common Access Card) or a DoD approved medium assurance ECA (External Certification Authority) certificate.  The primary purpose of this certificate is to ensure that the individual person entering the score is who they actually claim to be (non-repudiation), in addition to ensuring the confidentiality of the data.

0 Comments
Continue reading

Phishing for a Deal? A Black Friday Warning

The day after Thanksgiving, widely referred to as Black Friday, has marked the start of the Christmas shopping season since 1952.  Surprisingly, it wasn’t until 2012 that the Black Friday buzz was adapted to further stoke the shopping fire by promoting Cyber Monday.  Whether shoppers choose to chase the deals in person or from the privacy of their own homes, personal information is being shared in the form of email addresses, home addresses, and credit card numbers.  As the stores are preparing by stocking shelves and bulking up employee headcount, cyber criminals are also preparing to capitalize on the shopping frenzy, hoping to catch consumers with their guards down.

0 Comments
Continue reading

Everything That Is Wrong With CMMC 2.0

This month’s release of the much-anticipated CMMC 2.0 left many of us in the world of cybersecurity shaking our heads.  We have been working diligently with the defense industrial base for several years now, even before the CMMC was created, to stop the bleeding of our defense secrets to our adversaries.  As a veteran and a Patriot, I, along with many other Americans, take this very serious problem personally. 

0 Comments
Continue reading

Review of Verizon's 2021 Data Breach Investigations Report (DBIR)

One of the great “must reads” for us cybersecurity wonks is the annual DBIR (Data Breach and Incident Response), issued by Verizon every year since 2008.  While never dull, the DBIR is not a light read and comes in at a meaty 115 pages this year.  While we at Appalachia are delighted to stuff our horns with popcorn and study every last page, we realize that not everyone can make the time to fully digest this comprehensive treatise.  To that end, we have taken the time to write an executive summary of the DBIR for readers of our blog – because we care, and we don’t want you missing reruns or tee time.

This year’s DBIR is broken up into 8 major sections:  Introduction, Results and Analysis, Incident Classification Patterns, Industries, SMB, Regions, Wrap-up, and Appendices.  Let’s dig in by getting a sense of the sheer amount of work that the DBIR team puts in here:

0 Comments
Continue reading

We Salute...Our Veterans

We are extremely proud of the men and women in our organization who have served our country.  Coming from the Navy, Air Force, Marines, and Army, these members have taken their experiences in the military and applied it to their civilian careers.  To honor the veterans on our staff, I asked them to share - what they learned, their greatest achievement, their greatest challenge, and how we can step up to support our veterans.  Thank you, Mike, Nathalie, Jason, Derek, Joel, and Jason!

0 Comments
Continue reading

CSAM - Cybersecurity Toolkit

Blog 4 Graphics CS Toolkit graphic

I remember the first time my dad gave me a box of tools. I was moving out for the first time, and he gave me a box filled with an old hammer, two screwdrivers (one flathead, the other Phillips head), a rusty wrench, and a tape measure. It wasn’t much but it showed me that he wanted to make sure that I was ok. He gave me those tools so that I could fix any problems that came up in my time away from him. Well, I want to do the same for you but with cybersecurity. Now I’m not your father, but that doesn’t mean that I don’t want you to be safe online, and there are tons of tools online that can help you strengthen your cybersecurity.

0 Comments
Continue reading

SPRS Pt 1 - How Do I Calculate My SPRS (Supplier Performance Risk System) Score?

spreadsheetI started writing SSP’s (System Security Plans) well before the original Executive Order mandated deadline of December 31st 2017 and have since written at least 50 SSP’s for defense contractors of every imaginable type and size.  There wasn’t a lot of guidance on how to do this at that time, other than to have a very thorough and complete understanding of the nearly 500-page NIST 800-53 framework. 

0 Comments
Continue reading

CSAM - The 7 Ghosts of Cybersecurity

Blog 3 Graphic 7 Ghosts of CS

October is Cybersecurity Awareness Month, but it is also well known, among the vernacular of the younger generation, as Spooky Season. Most people are more concerned with ghosts, ghouls, and goblins than they are with the dangers lurking in the dark corners of the Internet, which is understandable. It’s more fun to think about the fake monsters than the real ones who could change your life in an instant. So, let’s make a compromise. We’re going to list the 7 scariest ghosts and monsters when it comes to cybersecurity, and we’ll try to make it as spooky as possible.

0 Comments
Continue reading

The Great Facebook Outage of October 2021

The Netflix docudrama film The Social Dilemma describes Facebook as “The problem beneath all other problems.” As this is a security/technical blog we are not in the business of bashing or praising social media, but it goes without saying that Facebook has become omnipresent in the daily lives of literally billions of people.  The same is also true of Instagram and WhatsApp, two other massive social media properties which were also unavailable for about six hours on October 4th.  When something that big falls that hard, there are always unforeseen and unintended consequences.

0 Comments
Continue reading

Appalachia Turns 17!

Today, we toast our company as we mark 17 years in business.  Last year, we boasted that we didn’t just survive 2020 but we thrived – and 2021 has raised the bar higher as we celebrated a number of achievements:

0 Comments
Continue reading

CSAM - Man-Made Problems in the Digital World

Blog 2 Graphics Man Made Problems

If you’ve watched any sci-fi movie, you probably understand the perceived dangers of the digital world. Primarily the unrealistic dangers of artificial intelligence. Now, I’m not saying that AI won’t be a threat in the future but it’s important to note that right now the people using the Internet pose a much bigger threat than an incoming Robo-Apocalypse. And I’m not just talking about cybercriminals. Regular, everyday human error is what poses the most dangerous threat to your company’s cybersecurity. Don’t believe me? Well then, let’s take a quick look.

0 Comments
Continue reading

CSAM - The Secret History of Cybersecurity Awareness Month (And it’s Not-So-Secret Future)

Blog 1 Graphics CSAM Origin

Have you ever wondered where all those weird holidays come from? Like, who got to decide that April 23rd was National Talk Like Shakespeare Day? Or that Squirrel Appreciation Day would fall on January 21st? Or that the last Friday of every April would be National Hairball Awareness Day? An entire day to make sure that your feline friends aren’t spewing wet clumps of hair on to the floor seems like a waste of time, but do you know what isn’t? An entire month dedicated to cybersecurity. Now that’s a topic worthy of a holiday!

0 Comments
Continue reading

US Pipeline Hit with Ransomware – Appalachia’s Cybersecurity Response

pipeline blog 640x 1Over the weekend, the Colonial Pipeline, one of the largest US pipelines and a major supplier for the East Coast, was hit by a cyber attack. A ransomware attack caused the company to shutdown operations as they work through the necessary steps to respond and recover, however the impact is expected to be significant if fuel terminals experience outages as a result in disruption to their supply.  The Colonial Pipeline supplies diesel, gasoline, and jet fuel.  The US government has issued an emergency waiver to allow an exemption for drivers related to hours of service, as well as exemptions related to fuel transportation via tanker ships.  To compound the supply issues further, the US is experiencing a shortage of fuel truck drivers, areas of the US are opening up further from COVID restrictions which is expected to increase travel, and we are approaching the summer travel season which notoriously increases fuel demands.

0 Comments
Continue reading

Blockchain

understanding-it-blockchain

The Technology Behind Cryptocurrency Will Do Much More In Time.

There are enough new technologies today that it can be hard to keep up with all of them. One technology that is leaving a lasting mark is blockchain. The technology behind the ever-popular cryptocurrency Bitcoin (and every other cryptocurrency), is quickly becoming a household name. Here is a brief look into blockchain technology, how it works, and what kind of innovations businesses can use to make it work for them

0 Comments
Continue reading

Is Data a Commodity? Maybe Not, but It Is an Asset

data-commodity

The late American author Kurt Vonnegut once wrote, “New knowledge is the most valuable commodity on earth. The more truth we have to work with, the richer we become.” Written in the 20th century, it has been put in practice by 21st century businesses. As the Internet has grown, the amount of companies expanded, and the amount of data that those companies collect has grown exponentially, especially now that there is a market for such data.

0 Comments
Continue reading

A Look at Business Computing Costs: Cloud vs. On Premise

onpremise_cloud

Profitability is less the measure of being able to turn a profit, and more the measure of how much profit you can make. For the successful small business, the integration of technology can dictate what kind of annual margins you are looking at. For the new company, however, it can be something even more critical: the difference between setting a course for success, or wallowing in failure. Today we analyze the cost difference between hosting your IT in-house, or choosing to host it in the cloud.

0 Comments
Continue reading

By accepting you will be accessing a service provided by a third-party external to https://appalachiatech.com/

News & Updates

P R E S S    R E L E A S E Mechanicsburg, PA, September 16, 2021: Today, Appalachia Technologies, a Managed IT and Cybersecurity Provider, was named a Top 250 MSSP for 2021 by MSSP Alert – a news & research resource for Managed Security Services Providers (MSSPs). The list tracks the world’s top managed security services providers.

Contact Us

Learn more about what Appalachia Technologies can do for your business.

Appalachia Technologies
5012 Lenker Street
Mechanicsburg, Pennsylvania 17050