Posts Tagged ‘education’

Cloud-Based Data Storage Solutions Aren’t Risk-Free

Thursday, September 1st, 2016
Cloud-Based Storage Solution | Rea & Associates - Ohio CPA Firm

If you do decide to store your company’s data on the cloud, be sure to thoroughly investigate the cloud environment you intend on using. Then pay close attention to whether their security controls and processes, including rollover sites or backup and testing procedures, adhere to industry standards. It’s also best practice to request a SOC (Service Organization Controls) SOC Report from your cloud provider. Read on to learn more.

I am regularly asked by clients, friends and family whether they should be concerned with storing their data in a cloud-based environment. My answer: Absolutely.

Even though cloud-based data storage solutions are managed by storage and security professionals (at least hopefully), there’s really no way to determine whether their authentication policies and data security procedures are always in line with industry standards. Because I’m acutely aware of these standards and best practices, I would have a hard time entrusting a cloud-based data storage enterprise with copious amounts of my company’s sensitive information.

Download The Free Whitepaper: Cybercrime: The Invisible Threat That Haunts Your Business

At the end of the day, your company’s data and the data you collect is your responsibility. Therefore, your IT team is ultimately responsible for verifying whether it’s properly secured and whether a proper authentication protocol is in place to ensure that those accessing data are approved to do so. When you work with a cloud-based data storage solutions business, your control over data security procedures is significantly limited.

And just because we haven’t heard much about these types of breaches in the past, doesn’t mean they don’t happen. Consider, for example, the latest “mega-breach,” that has affected millions of Dropbox users.

The Dropbox Breach

According to reports, more than 68 million Dropbox user accounts and associated information, including user names and passwords, were discovered online. The company said Dropbox user information stolen by hackers and distributed via the Internet was the result of a previously disclosed data breach from 2012. Unfortunately, the company and the company’s users are still being hurt by this attack. In response, Dropbox said in a statement that it was forcing password resets.

“We’ve confirmed that the proactive password reset we completed last week covered all potentially impacted users,” said Patrick Heim, head of trust and security for Dropbox. “We initiated this reset as a precautionary measure, so that the old passwords from prior to mid-2012 can’t be used to improperly access Dropbox accounts. We still encourage users to reset passwords on other services if they suspect they may have reused their Dropbox password.”

Protect Your Data To Protect Your Company

Most professionals in the data security field – including myself – believe that any and every site can be hacked. Therefore, in an effort to protect our companies and the businesses and individuals we serve, our goal is to provide comprehensive cybersecurity education to all employees while striving to be aware of all data security issues that may have occurred. Hopefully we will know about any data breach long before cybercriminals have a chance to post information on the Internet or before our businesses are notified of an issue by the FBI or Secret Service.


Want to know why data security professionals say that your company’s employees are your weakest link? This video highlights a common security breach method used by hackers to gain access to your company.


You can take a proactive stance against cybercriminals with the following data security protocols.

  • Don’t just install a firewall, constantly monitor your firewall. Your IT team can constantly monitor your company’s firewall through the use of Security Information and Event Management (SIEM) or Intrusion Detection Systems (IDS) programs. You can also work with an external service provider to provide this essential service.
  • Passwords are powerful, protect them. Require your employees to use complex passwords to log onto your company’s network and change those passwords regularly. Secondary authentication is also important to use wherever possible.
  • Don’t wait for disaster to strike – actively defend your company. Routinely test the access controls of your employees. Not all employees require access to all company data. Instead, only grant access to the data your employees need to do their jobs.
  • Educate, educate, educate. It seems like there are new phishing attempts, ransomware attacks and malware issues every day. But just because you hear that they are happening doesn’t mean your employees are aware. Make sure you keep your employees up to speed. Doing so may just stop them from clicking on a potentially dangerous email.

If, for whatever reason, you do decide to store your company’s data on the cloud, be sure to thoroughly investigate the cloud environment you intend on using. Then, pay close attention to whether their security controls and processes, including rollover sites or backup and testing procedures, adhere to industry standards. It’s also best practice to request a SOC (Service Organization Controls) SOC Report from your cloud provider.

At the end of the day, all you can do is take ownership of your data and be proactive when it comes to verifying the safety and security of your organization’s data. Email Rea & Associates to learn more.

By Joe Welker, CISA (New Philadelphia)

For more tips and insight to help keep your company safe from cybercriminals, listen to episode 41: “the hacked & the hacked nots” on unsuitable on Rea Radio.

Share Button

16 Resolutions For Business Growth In 2016

Monday, January 4th, 2016
Be Accountable In 2016 | Rea & Associates | Ohio CPA Firm

Might we suggest 16 resolutions to help your company prosper in 2016?

New Year’s resolutions aren’t just great ways to set personal goals; they can help keep us on track professionally as well. This year, instead of worrying about which goal you are going to pick from the New Year’s Resolution menu, why not consider committing your energy and resources into ways that will improve the overall health of your business?

Might we suggest 16 resolutions to help your company prosper in 2016?

1. Celebrate your amazing team.

If you’ve been in business for a while, chances are you wouldn’t be where you are today without your team. Just remember that if you don’t work to retain your top performers, you run the risk of losing them. Start celebrating your human capital.

2. Make a gift, but make sure it’s effective.

When we give a monetary gift to a not-for-profit organization, we want to know that it’s going to be used in the best, most effective way possible. Make sure your money is well spent.

3. Design a better retirement plan.

The way your company’s retirement plan is designed can be a huge motivator for your employees. If your plan has a good plan design, participants will be more willing to invest in it. Work with a retirement plan expert to find a retirement plan design that works for you.

4. Review your will, estate plan and buy-sell agreement.

Legal changes over the last few years may have made updating these documents necessary, not to mention any personal changes that may have taken place. It’s just good practice to make sure this important paperwork gets updated regularly. It could get messy if you forget.

5. Develop a line item in your budget for continuing education.

Investing in yourself and your employees is a good way to engage your workforce. One way is to add dollars to the budget for training and continuing education. Find out what else you can do to promote employee retention.

6. Improve your company’s cash flow.

Easier said than done, right? Just remember that you can’t spend the bottom line profit, but you can use the cash flow to reinvest in your business and community. A sustainable cash flow model will ultimately increase the value of your business.

7. Know what your business is really worth.

Your business is easily your most valuable asset. So, how can you nurture its growth if you don’t know how much it’s worth? Discover why it’s so important to know the value of your business.

8. Develop a wellness program.

Healthcare costs are high and one way companies are taking control is by introducing a wellness program. As with any new plan, several factors will greatly increase your company’s success.  Start planning your wellness program implementation and soon you will be saving money.

9. Upgrades for the business.

It seems like there are always better ways to get things done. Perhaps 2016 is a good time to make a few upgrades. In the process, your purchase could be good for a deduction at tax time.

10. Schedule a family vacation.

A successful business has the understanding and support of your family. Long hours … late suppers … numerous emails and a 24/7 mentality have become just another part of the routine. Reward yourself and your family with a family vacation. A vacation isn’t just good for your peace of mind, it’s good for your business.

11. Save more for retirement.

It’s always a good idea to keep your retirement goals top-of-mind, which is why you should evaluate your current retirement plan situation and determine if you need to make any changes to get further ahead in 2016. Ask your advisor if you are setting aside as much as you could (and should) be.

12. Defend your cyber space.

Hackers and fraudsters are stopping at nothing to get to your data. Whether they have plans to steal your system’s information to sell to other criminals or are trying to make a quick buck by holding your data for ransom, if you don’t have a disaster recovery plan you and your business could be in serious trouble. Make 2016 the year you get your data security plan in place.

13. Meet with all your advisors at least once a year.

You work with a lot of people over the course of your career and it’s important to maintain those relationships – regardless of whether you will need their services or not. Set aside some time to meet with your accounting, legal, estate planning, investment, banking, retirement and other advisors, even if it’s just to chat. An impromptu meeting could reveal opportunities you didn’t know were there.

14. Establish a fraud hotline.

The Association of Certified Fraud Examiners has found fraud hotlines to be the most effective way for detecting and preventing fraud. Don’t let occupational fraud destroy your businesses.

15. Stay organized … for real, this time.

Every year it happens. You promised yourself that this year would be different. Now, once again, you are rushing to your gather receipts, remember how much money you spent at last year’s company retreat, and backtrack through balance sheets. Wouldn’t it be nice not to have this year-end stress anymore? By implementing a few simple procedures, you can avoid another crunch-time crisis.

16. Trim the fat.

If you are really looking for a way to make a significant reduction this year, take a look at your inventory. If you are carrying around some extra weight, chances are your business is feeling the pinch. This simple 3-step program will get you back on track.


Be Accountable In 2016

Have you identified a few resolutions to begin implementing over the course of 2016? Great! Need help holding yourself accountable? Send your list of 2016 New Year’s Resolutions to Rea & Associates and one of our business consultants will work with you to make this your best year in business yet!

Share Button