By: Joseph Imperato, Sr., Partner, XSolutions Consulting Services, LLC Introduction Gamblers know the saying, “the house always wins.” You may win at first, but you’ll give your winnings back to the house if you play long enough. If the house is crooked to begin with—you’ll lose much sooner. The Set-Up March Madness is an annual phenomenon where millions hope to cash in. Online gambling sites take advantage of this event to hook young people into today’s “easy-money” culture. They make it look so easy. Every commercial shows winners galore! Their message, “You can’t miss!” Meet Michael—A Young Gen Zer Michael feels that his path to riches is through the internet—no 9 to 5 job for him. He sees online gambling commercials on his TV and figures he can cash in quickly. After all, he grew up with technology. He has it covered. So, as March Madness begins, he searches online for a gambling site “he can own.” Michael is optimistic he’ll make a fortune. So, he searches until he comes across a site that looks great. They guarantee his returns 100%. Michael is sure he’s found his path to riches. The Hook The site looked good and made promises that Michael couldn’t ignore. So he signed up and transferred funds from his bank account to get started. The first few rounds were a dream. Michael cashed in on every one of them. It was easy to win. So, Michael kept increasing his bets in hopes of a bigger payday. Trouble In Paradise As Michael started placing more and higher bets, it suddenly got harder to withdraw his money. Technical issues kept cropping up. Then, finally, he started receiving emails to verify his information. They wanted to verify his bank account number, social security number, and asked for a “backup” credit card. In the meantime, Michael could not access the funds he transferred to the site or his latest winnings. He was furious. Dashed Dreams Michael started an internet search on the gambling site. He found hundreds of complaints from previous customers. They all had the same problem as Michael. They won at first, then lost access to their money. Michael realized that the site was a scam. He kicked himself for not researching before giving them money. Then it dawned on him! Michael gave the scammers his financial information and social security number. The thought made him ill. Michael became a victim. Not only did he lose money, but his identity was stolen which caused problems for years. Did You Spot The Red Flags?
Learn To Protect Yourself
Conclusion It is possible to gamble online safely, but you must take precautions. The younger generation grew up with technology. The problem is that they trust what they see online too much. Because of this, the underworld is cashing in—big time! Don’t become a victim. XSolutions is an IT Services Provider serving New York (NY), New Jersey (NJ), and Connecticut (CT). We provide Managed IT Services | Managed IT Security | Backup & Disaster Recovery| Cloud Data Protection | Security Awareness Training. Call (845) 362-9675 for a free consultation.
5 Comments
By: PSEG Every year, more businesses realize that conserving energy is key to delivering a sustainable future, and are taking the initiative to support communities by reducing their impact on the environment. Doing business in a way that delivers value and fosters environmental stewardship doesn’t have to be a complicated process. Energy efficiency easily aligns with the overall needs and goals or your organization. Becoming more energy efficient can reduce operational expenses, improve productivity, and create safer, healthier spaces for staff, clients, and customers—all while contributing to a clean, sustainable future. And, with New Jersey focused on reducing greenhouse gas emissions 80% by 2050 from 2006 levels, there’s ample opportunity and equal parts motivation for businesses to cut back on energy use. Just follow a few simple steps and energy and cost savings can be realized in a relatively short period of time. Take action this Earth Day by investing in the planet with an energy-efficiency investment in your business. There are many opportunities to save, including: • LED fixtures, sensors, and controls • HVAC systems • Water heating equipment • Food service equipment • And more PSE&G is ready to assist business customers with a wide array of financial incentives, such as interest-free, on-bill repayment plans, designed to make energy-efficiency upgrades easy and affordable. To learn how to maximize your energy savings, contact PSE&G at 1-844-300-PSEG (7734) or visit bizsave.pseg.com By: Richard Mirliss, Managing Member & Practice Leader, Consilium Partners and Lance Rothenberg, JD, LLM, Director, State and Local Tax Services, CohnReznick As employers continue to craft and refine their remote work strategies and policies, there are a number of operational, legal, and tax implications to take into consideration. In the January 2022 installment of the CohnReznick National Tax Webinar Series, members of Lindabury, McCormick, Estabrook, and Cooper, P.C.; Consilium Partners, an affiliate of CohnReznick; and CohnReznick offered an overview of key concerns to think through, on topics including:
An on-demand version of this webinar is now available here; register to watch. Read on for six additional takeaways on taxation, technology, and other hybrid work matters, based on questions asked during the event, with answers provided by presenters Lance Rothenberg of CohnReznick and Richard Mirliss of Consilium Partners. (Questions have been revised for length, clarity, or applicability.) Explore our other recent webinars and alerts for more on remote work and other tax considerations; and make sure you’re subscribed here to receive future updates, including webinar invitations. Written by Lance Rothenberg, CohnReznick Q: Should a company review its corporate income tax filing requirements as a result of employing remote workers? A: Yes. Employing a remote workforce may trigger a host of new tax obligations. Remote employees working in a new jurisdiction will very likely trigger physical presence “nexus” for the employer. As a result of having nexus with the new state(s), the employer should evaluate whether it has a new corporate income tax or business entity tax filing obligation in that state(s). Q: When an employee works from a jurisdiction that is different from where they reside, is there a set period of time that triggers a tax change? A: Employing a remote workforce or having employees working from within different jurisdictions can present a variety of complex tax compliance considerations for both the employer and the employee, and there could be a variety of different time frames that impact tax changes depending upon the issue and the jurisdiction. The employer will want to understand the location of its workforce so that it can evaluate whether it may have new compliance obligations due to both where its workers are performing services and for how long (i.e., the location and duration of their work). Withholding tax requirements, for example, vary state by state, and the employer might be subject to new registration and withholding obligations. The employee, on the other hand, will want to understand whether their own presence within a jurisdiction triggers a nonresident filing obligation, whether they might be at risk of being treated as a resident in more than one jurisdiction, and the impact of multiple withholding upon their resident credit in their state of domicile. These can be complex issues. Q: We are a New York employer, but since the onset of the COVID-19 pandemic, we have had employees who have continued working from their homes in neighboring states. How does New York’s “Convenience of the Employer” rule impact our withholding requirements? A: The impact of New York’s “Convenience of the Employer” rule is a common source of complexity and questioning among New York-based employers. In brief, the Convenience of the Employer rule is a wage sourcing rule that looks to treat the income of a New York nonresident employee who is assigned to an office location within New York as New York-source regardless of the actual location where the employee performed services, with certain exceptions. In other words, if a New York nonresident works from home rather than from the New York office for their own convenience (as opposed to at their employer’s direction), the Department of Taxation and Finance takes the position that this income is New York-source income, because the employee is otherwise assigned to the New York office but chose to work from home. This is true even with respect to teleworking arrangements throughout the duration of the COVID-19 pandemic. As such, New York will look for withholding tax. On the other hand, the employee’s home state may also require withholding under certain circumstances. These issues merit careful consideration. Written by Richard Mirliss, Consilium Partners, an affiliate of CohnReznick Q: What technologies are we seeing emerge as critical for a successful hybrid workplace transition? A: The key elements technology has addressed thus far have been to accommodate or enhance the following functions: space scheduling, hoteling, productivity, onboarding, workflow management, communication, and collaboration. As technology continues to evolve and adapt to the changing needs of corporate America, more enhancements and solutions continue to come to market. We have used many products and services in each of these categories to assist organizations with hybrid migration. Overall, our feeling is that technology is the last piece of the puzzle (but critical) and that the “organizational change” initiatives and manner in which the technology is implemented have had the most powerful impact for employees and their acceptance/enjoyment of the transition. Q: What are some ideas and best practices to enable going 100% remote or allowing very limited attendance per week? A: The strategy and organizational change created and implemented by senior management has been critical to any adjustment to a new operating environment. If the strategy is supported and reinforced on a day-to-day basis, we’ve seen that any arrangement is possible and can become successful. 100% remote is certainly feasible for any operation as long as its business model is sustainable in such an environment. If face-to-face interaction with clients, manufacturing of a product, employee management, and/or services administration can all be handled without a physical presence, then such a dramatic shift may not be a problem. Q: What are the major concerns for the hybrid work environment going forward? A: Innovation, collaboration, and commitment are the major issues we hear over and over as pressing management concerns. Employees appear to love the flexibility and productivity of working in a hybrid environment. Employers, on the other hand, fear the longer-term impacts it may have on the organization. Because they can’t have their “finger on the pulse” of the organization the way they have been accustomed to, they may question the “feel” of managing and momentum. By: Joseph Imperato, Sr., Partner, XSolutions Consulting Services, LLC IntroductionThere are many backup technologies on the market today. Yet, many don’t go far enough. Such systems give SMBs a false sense of security. As an MSP protecting client systems since 1999, we’ve settled on what, we consider, is the best Business Continuity solution today—Datto. XSolutions is a proud Datto Partner, the most trusted name in Business Continuity solutions. Make Business Continuity Disaster Recovery (BCDR) the cornerstone of your cybersecurity program. No security solution can protect your network 100% of the time. With BCDR, if the unthinkable happens, you’ll be able to recover and save your business. Without it, you’ll become another statistic. We chose Datto as our BCDR platform of choice to protect our customers for the following reasons. A Secure Cross-Platform For Data ProtectionDatto SIRIS protects your data on both physical and virtual servers. SIRIS provides:
Datto’s Cloud Deletion Defense™Datto’s new feature gives you access to deleted cloud snapshots. This protects you from employee error, malicious insiders, and network intrusions. Backup With 100% ConfidenceMany systems backup your data, but it is hard to confirm that the information is viable. Datto verifies backups at many levels. In addition, each snapshot is bootup-ready through its screenshot verification process. As a result, you’ll always know if your backups are viable so you can fix issues BEFORE disaster strikes. Datto also scans backups for signs of ransomware and alerts you if it finds trouble. This “early warning system” allows you to take immediate action. Ransomware DefenseDatto uses various technical methods to defend your backups against ransomware and corruption, such as:
Our mission: “Deliver true Managed IT Services by putting people first. Because there is no time for downtime.” XSolutions offers amazing Datto technology PLUS exceptional support. Call us for a free, no-obligation consultation. XSolutions is an IT Services Provider serving New York (NY), New Jersey (NJ), and Connecticut (CT). We provide Managed IT Services | Managed IT Security | Backup & Disaster Recovery| Cloud Data Protection | Security Awareness Training. Call (845) 362-9675 for a free consultation. By: Bhavesh Vadhani, Principal, Global Leader, Cybersecurity, Technology Risk, and Privacy, Daryouche Behboudi, Managing Director, Cybersecurity, Technology Risk, and Privacy & Deborah Nitka, Manager, Cybersecurity, Technology Risk, and Privacy, CohnReznick A new federal law is set to add significant reporting demands for many organizations, particularly federal agencies and businesses deemed “critical infrastructure operators.” Most notably, the Cyber Incident Reporting for Critical Infrastructure Act will require covered entities to report “substantial” cyberattacks to the government within 72 hours after confirmation, and to disclose ransomware payments within 24 hours. These quick-turn reporting requirements will impact organizations across 16 “Critical Infrastructure” sectors, including financial services, energy, “critical manufacturing,” transportation systems, and healthcare. The bill was quickly passed amid heightened concerns that Russia might ramp up cyberattacks in retaliation for U.S. involvement in sanctions related to the invasion of Ukraine. While full approval of the language may take some time – the current text allows a total of 42 months for rulemaking and delivery of the final legislation – it is clear that the legislation will require that covered entities continuously monitor for threats, swiftly detect and respond to incidents, and provide timely reporting on incidents and ransomware payments. To meet these requisites, critical infrastructure owners and operators will need to make sure that they have the right technologies, procedures, and adequate resources in place, along with documented and tested incident response plans and reporting processes. The legislation The new legislation was attached to the sweeping $1.5 trillion omnibus spending package signed into law on March 15. It was previously proposed as part of the Strengthening American Cybersecurity Act, which passed the Senate earlier this month; there it was combined with two previously considered laws, the Federal Information Security Modernization Act (FISMA) and the Federal Secure Cloud Improvement and Jobs Act, but only the critical infrastructure provision was included in the omnibus. In addition to the critical infrastructure reporting requirements, it also requires that government agencies “enhance the quality and effectiveness of information sharing and coordination efforts”; to encourage reporting, the legislation says that incident reports will be “proprietary.” Exact requirements are not final; they will be determined by the Cybersecurity and Infrastructure Security Agency (CISA) through a rule-making process. It’s likely that the mandates will comprise an extension of the National Institute of Science and Technology (NIST) Special Publication 800-171, as well as certain provisions from NIST SP 800-63-4 (draft), which sets forth security controls for critical infrastructure. CISA will also be responsible for harmonizing the law’s requirements and jurisdictions among federal agencies such as the FBI. The heavy lift Implementing the advanced cybersecurity capabilities will be an arduous undertaking for most. The mandate to report cybersecurity incidents within 72 hours will be especially challenging; even organizations with mature cybersecurity capabilities may lack the people, technologies, and processes to deliver 72-hour reporting. A deep-seated reason is that many still consider cybersecurity an IT issue, not a core business responsibility. It’s important to remember that these protocols are necessary because they protect information, which is the new currency in today’s connected economy and global ecosystem. Implementing the new requirements will require that organizations change how they think about cybersecurity. The rising frequency and severity of cyberattacks have become an existential threat for businesses across industries – and should be treated as such, from the board down. Most business leaders we talk to believe that a cyberattack on their organization is a matter of when, not if. The most security-conscious among them assume that they have already been compromised, and have begun exploring how to quickly identify, eradicate, and remediate cybersecurity incidents. A strong, comprehensive incident response plan is critical. Even if remediation is swift and effective, intruders can inflict considerable damage. Compromises can go undetected for months or longer, giving intruders ample time to carry out destructive attacks. One thing the bill doesn’t require is that third parties disclose incidents discovered on clients’ networks, as did previous drafts. Similarly, the legislation alters earlier language that required almost all businesses – not just critical infrastructure providers – to disclose ransomware payments. If there’s one overarching weakness of the law, it’s that it doesn’t address protective measures, to help avoid incidents in the first place. In today’s elevated threat environment, organizations will need both defensive and proactively protective playbooks to address cyber-risks. It takes time to get cybersecurity ready – and right. Overall, the legislation establishes the urgency of implementing additional cybersecurity capabilities for the nation’s critical infrastructure and federal government agencies. Yet the extended time frame for rulemaking and delivery of the final bill belies the urgency of these measures. The enforcement mechanisms are not especially robust. The government can issue a subpoena to organizations that fail to report incidents, and those that don’t respond to a subpoena are subject to civil action in a U.S. district court. It should be noted that a potential contempt of court penalty is not a particularly strong disincentive. Nonetheless, this legislation represents an important step toward protecting U.S. critical infrastructure from increasingly malicious and destructive nation-state actors. The law’s information-sharing policies will provide transparency and boost cyberthreat awareness among critical infrastructure operators and federal agencies. Forty-two months to prepare for the legislation may seem like a long time, but now’s the time to get started. It will be a significant effort to hire and train people, implement technologies and processes, and test reporting systems. You’ll need ample time to get cybersecurity ready – and right. |
Guest Blog
Archives
August 2024
Categories |