Monthly Archives

April 2017

Encrypt an Email and Secure Your Gmail – Tips and Tricks for Email Communication

By | Abila, Accounting, CPA, Data, HR, MIP Fund Accounting, Nonprofit | No Comments

The greatest threat facing the CPA community isn’t legislation or competition. It’s security as it pertains to our technology. CPAs must be cognizant of the latest security measures to protect sensitive, confidential client data. Technology has made it easy to send information to clients with the touch of a button, but where does that information end up – and how long does it remain accessible?

Such considerations are no longer academic questions. Instead, they are essential to running a secure and confident CPA practice.

Email Encryption: Protecting Sensitive Communications

Emails are by far the biggest offender when it comes to potential data breaches. Most email systems aren’t sent using encryption. Because emails are automatically shared across multiple devices these days, your email lives on long after you attempt to retract or erase it. It’s almost impossible to completely erase all traces of an email from hard drives, backup servers, and the recipient’s servers and devices.

The best way to protect emailed information is through encryption. Encryption “locks” messages so that only the recipient can read them. The recipient’s software automatically unlocks the message so that it can be read. If some third-party swoops in and somehow accesses the email, it cannot read it.

To encrypt your email transmissions, you can use a service that includes encryption. Gmail and Outlook are both good, solid email programs that incorporate encryption into their programming. Both services also include cloud storage, spam filtering, and IMPAP/POP support.

The drawback to using these services is that they use their own extensions rather than your company’s extension address. To rectify this situation, you can important Gmail or Outlook messages into Outlook Desktop.

The steps include:

1. Turn on two-step verification: Go to google.com/landing/2step, click the Get Started button, and follow the steps to set up two-step verification. A code is texted to your smartphone, which you enter to verify the account.

2. From your Outlook 2010, 2013, or 2016 ribbon, select File, Add Account to launch the Auto Account Setup screen.

3. Enter your name, email address (Gmail or Hotmail/Outlook.com), and password, and then click Next.

4. Set up a Gmail alias with your company name:

a. Open your Gmail account.

b. Sign in.

c. Click the Settings gear in the top right corner.

d. Choose Settings.

e. Select from the horizontal menu the Accounts and Import tab, Import mail and contacts,

f. Enter the email address you want to use as a Gmail alias.

g. Enter the password, and if necessary, enter the Pop username and Pop server.

h. Click Continue.

i. Sign in to the account you added

j. Open the confirmation message you received from Gmail

k. Click the link in the email to confirm and establish the connection.

l. To complete the setup, change the From line to reflect your newly added alias email address. For more details on how to set up a Google email address alias, visit Google support.

The process to set up Outlook aliases is similar.

1. Open Outlook.com.

2. Click the Settings gear.

3. Select Options.

4. In the Options menu in the left menu pane, select Connected Accounts, Other email accounts.

5. Enter the alias email address and your email password then click OK.

Keep in mind that encryption through Gmail or Outlook only works if both sender and receiver are using the same service. In other words, your message is encrypted only if you are using Outlook and your client is also using Outlook. If only you are using Outlook or Gmail, messages are encrypted on your end, but not the client’s end.

If you’d prefer, a computer consultant can help you set up a secure, encrypted email system for your business. Or make it a rule that confidential information must be delivered in person or via snail mail, rather than through email. If you’d prefer that no one else see your message, a phone call or letter through traditional mail may be appropriate.

We live in an age where technology can make our businesses more productive and efficient. It can also compromise sensitive client data. Fortunately, a few steps are all that’s needed to secure your email information.

Welter Consulting

Welter Consulting bridges people and technology together for effective solutions for nonprofit organizations. We offer software and services that can help you with your accounting needs. Please contact Welter Consulting at 206-605-3113 for more information.

Could Your Data Be at Risk?

By | Abila, Accounting, Audit, CPA, Data, Grant Management, HR, MIP Fund Accounting, Nonprofit | No Comments

Could your nonprofit associations’ data be at risk? Even with good security, you may still find yourself in the unpleasant position of ransoming your data from an unscrupulous hacker.

New viruses such as the notorious “FBI” virus do not hijack your computer for their own nefarious purposes. Some viruses lock your computer down so that you cannot access any of its information. Instead, once you pay a fee – like a random in a kidnapping – the hijackers ‘release’ your computer.

If you think this can’t happen to you, think again. What used to be a threat to major targets such as large corporations or government organization is now a threat to anyone at any time. In fact, smaller nonprofits may be targeted more frequently than larger ones because small organizations do not have the means to fight back when they’re the victim of crime. Criminals such as data hijackers look for easy targets or organizations that do not have the financial resources to fight back. Any organization is at risk.

What Is Data Hijacking?

The best prevention against data hijacking is awareness. It’s important to understand what data hijacking looks like and how to prevent it from occurring.

Data hijacking occurs when a computer program called ‘malware’ enters your system. Malware means malicious software. A specific type of malware called “ransomware” enters your system through an infected email or computer virus. Most often, users inadvertently click an email link or download software containing the malicious program.

Ransomware installs on the end users’ computer and encrypts the data on the target computer so that it can no longer be read. The encryption is so sophisticated that only the operator of the program has the key that unlocks it. Hijackers demand payment for the data ‘key’ that un-encrypts or unlocks the data.

How Ransomware Gets Past Security

There are many ways in which data hijackers bypass your organization’s secure to target your computers. One common way is to clone an executive or CEO’s email address or LinkedIn profile. They then use the fake profile to send an email with a link to people in your company. They often target top executives but anyone can be targeted.

Once the link is clicked, it downloads the ransomware and locks the target computer. A message appears on the computer screen demanding payment to release the computer. Hijackers often request payment in bitcoin, an untraceable digital currency that’s easy to convert into cash.

Even after paying the ransom fee, there’s no guarantee your computer will be released. In some cases, the hijackers themselves are unable to decrypt the computers after payment is made to them. In other cases, the hijackers simply disappear with your money – and your data is lost forever.

Preventing Data Hijacking

The best way to combat data hijacking is through prevention. The following steps should be undertaken to protect against lost data from data hijacking:

1. Be vigilant when screening your emails. Do not click on links within emails unless your are absolutely certain it’s from a known sender. The same goes for attachments which can also harbor viruses and malware.

2. Keep your computer programs updated at all times. Patches and updates protect against various forms of malware, including ransomware.

3. Backup your data frequently. Store it on the cloud as well as in storage devices NOT connected to computers or the internet.

4. Use firewalls to segment company data. This way if part of your network is affected by ransomware, you may not lose all of it if some is protected behind a firewall.

5. Block pop ups and disable macros in key programs, which are often used to distribute malware.

If you suspect that your company’s cybersecurity has been breached and ransomware or malware has been launched, disconnect your computer from the internet as soon as possible. That may prevent the malware from downloading entirely or from infecting others.

Next, contact Welter Consulting. We can help you with both the immediate problem and creating a long-term strategy to protect against viruses, malware, and ransomware.

Welter Consulting

Welter Consulting bridges people and technology together for effective solutions for nonprofit organizations. We offer software and services to help you with your accounting needs. Please contact Welter Consulting at 206-605-3113 for more information.

Blog #4

New Standards Mean Changes to Disclosures and Financial Statements

By | Abila, Accounting, Audit, CPA, FASB, Grant Management, MIP Fund Accounting, Nonprofit | No Comments

In August 2016, the Financial Accounting Standards Board (FASB) issued Accounting Standards Update (ASU) 2016-14. This document, entitled, “Presentation of Financial Statements for Not-for-Profit Entities” changed how information is presented in financial statements. The goal was to make information clear and easily understandable for the average person reading a nonprofit’s financial statements.

Areas that the new standards address include:

* Net asset restrictions: The previous categorization of net asset classifications confused many people, especially the term “unrestricted.” The new net asset restrictions bring the categories down from three to two to provide clarity.

* Liquidity: It was difficult under the old standard for people to see liquidity and compare liquidity amounts among various nonprofits.

* Cash flow: Previously, indirect reporting was required, but reviewers found that indirect reporting methods confused many people.

* Expenses: Not all nonprofits reported expenses the same way.

The Changes: Nothing New to Track, Simpler Reporting

The changes required by FASB for nonprofit accounting do not ask for any new information to be recorded or tracked. Instead, it simplifies the method of reporting and recording, streamlining it so that it is more consistent among nonprofits. This enables donors, members, and the public an easier way to compare nonprofit organizations and understand their finances.

The biggest changes are the net asset classifications, disclosure, and expense designation

1. Net asset classification: As previously stated, net asset classifications are changing from three previous potential classifications to two. The two new categories are net assets with donor restrictions and net assets without donor restrictions. Details about the categories are disclosed in the footnotes. The footnotes are expected to provide detail on the funds themselves and how they are apportioned.

2. Liquidity disclosure: On the liquidity disclosure, the new rules require that qualitative details communicate how the nonprofit manages the liquid resources available to meet its cash flow needs within a one year period. Quantitative information must also be provided about the resources available within one year. Additional information is required on the nature and type of liquid assets and any external limitations placed on them by grantors, donors, local laws, etc. Board limits must also be specified.

3. Expenses: Expenses must now be disclosed by natural and functional categories. The methods used to allocate costs must also be described.

The changes recommended by FASB aren’t a surprise, but are long in coming. The continual push to improve communications around financials for nonprofit entities is a welcome one that adds a layer of transparency to the nonprofit world that donors have been seeking.

If you’d like assistance meeting the new FASB requirements, speak with Welter Consulting today. We offer software and services that can help you with your accounting needs. Please contact Welter Consulting at 206-605-3113 for more information.

The “Round Robin” Technique Breaks the Ice – Every Time

By | Abila, Accounting, CPA, MIP Fund Accounting, Nonprofit | No Comments

We’ve all been in that certain meeting…the one where deafening silence reigns.

“Any questions?” the chairperson asks brightly only to be met be deafening silence.

No matter how long you’ve been leading meetings, chairing committees, or heading up boards, there comes a time when even the most energetic and influential meeting leaders fails to elicit a response. It’s no reflection on your or on your leadership skills. It may simply be that the participants do not have anything to add or someone is too shy to speak up. Your job as the meeting leader is to break the ice and ensure that everyone who wishes to do so has the opportunity to speak.

Why Don’t People Speak Up?

You pride yourself on being an open, responsive, collaborative leader. Yet time after time, you put forward a motion, solicit feedback, and are meat with a deafening silence. You can practically hear crickets chirping two miles away in the silence of the meeting room.

People are often reluctant to speak up when faced with a controversial issue. Sometimes, people feel unprepared to add to the discussion. They may also defer to authority, feeling that if the meeting leaders suggest something it is the right course of action to take.

To help people feel more comfortable during meetings and speak up, you can:

* Circulate the meeting agenda ahead of time so that everyone can prepare their thoughts before an issue is on the table for discussion or vote;

* Delay your own response as the meeting leader until you hear from others at the table. This avoids the ‘nodding head’ syndrome or people agreeing with you just because you’re leading the meeting. Let others speak first and voice their thoughts.

* Ask people to form small groups of three and discuss the issue in small groups first.

* Suggest that participants write questions on slips of paper, which are then passed to someone designated to read them aloud for discussion.

Each of these methods offers a way to encourage and facilitate dialogue rather than to accept silence as the norm. If all else fails, and none of these suggestions work or feel right for your meeting, try the Round Robin technique.

The Round Robin Technique

This technique is simple, and guarantees that people participate. It is called the ‘round robin’ technique and like the name suggests, moves the conversation around the table to ensure that everyone has a voice in the discussion.

To utilize this technique, bring forward the salient points that are under discussion. Pose the question, but do not answer it yourself if you are leading the meeting. You will speak last to encourage others to share their thoughts.

Turn to the person to your left and ask them to share their thoughts. Then, when that person is finished speaking, ask the next person in turn at the table to go, and continue until everyone has had a chance to speak. When the group has had a chance to speak, the meeting leader can speak, going last.

If someone really doesn’t want to speak, they can say “Pass” and pass their turn. At the end, go back to anyone who has said “pass” and invite them once more to say a few words. They can either decline or speak. Some people may need a few minutes to gather their thoughts, and will have plenty to say when their turn comes around again.

Adding a Stopwatch and Timed Feedback

The Round Robin technique ensures that everyone can be heard and that everyone has a say on a controversial issue. If you can, bring a stopwatch into the meeting and offer each person exactly 30 seconds (or less) to speak. Give them a ‘warning sign’ of a wave or another signal to let them know their 30 seconds is up. Adding a stopwatch and timed feedback ensures fairness for all and is especially useful in meetings where one or two people tend to dominate the discussion. For more information about the Round Robin technique, visit our friends at Jacobson & Jarvis PLC.

It can be challenging to get people to speak up during a meeting. Techniques such as Round Robin and Round Robin with stopwatch are excellent ways to make sure that all voices are heard at your next board meeting.

Welter Consulting

Welter Consulting bridges people and technology together for effective solutions for nonprofit organizations. We offer software and services that can help you with your accounting needs. Please contact Welter Consulting at 206-605-3113 for more information.