To quote the Fiddler on the Roof: “That I can tell you in one word.”

Ransomware

Ransomware is an ever-growing global threat where the attackers hide behind computer screens. It’s a growing concern for governments, industries, and individual private citizens because it can cause serious disruptions in everything from the food supply to healthcare. Short-term inconveniences like a cream cheese shortage and waiting in long lines for gas  are just the beginning. It can be downright dangerous when people aren’t able to heat their homes  or when healthcare quality is compromised . Here’s a fact it’s time to face: Ransomware is nothing short of a national security threat.

And as long as it’s profitable to the tune of billions of dollars , it’s not going anywhere.

How Did We Get Here?

According to New York Times reporting, the Facebook model of “move fast and break things” is catching up with companies that built systems quickly to beat competitors to the market. It’s no wonder that cutting corners has landed us in worse shape in the long run. Businesses are facing painful consequences like enormous ransom fees, loss of business operations, compromised data and damaged reputations.

We are facing a very rude awakening, but this is by no means a new problem. Attackers have been honing their skills and wreaking havoc quietly for years. If you’re old enough to have had one of the first email accounts back in the days of dial-up, you may remember getting an email asking for a few hundred dollars in exchange for unlocking your device. It’s now grown into an issue that costs billions of dollars and includes national security risks. What’s new about it is that people are feeling the effects personally.

Who is Behind The Attacks?

According to published sources, over half of the attacks have one thing in common: They originate in Russia. These attackers write code specifically designed to bypass Russian businesses and Putin will not prosecute cybercriminals or extradite them upon U.S. request. Experts believe that Russian attackers operate under two unspoken rules:

1. Don’t attack Russian businesses.
2. Be ready to do favors for the Russian government upon request.

What if Companies Don’t Pay?

In 2019, cybercriminals demanded $75,000 after an attack on the city of Baltimore. Baltimore decided not to pay it and ended up paying $18 million to rebuild the systems instead. The theory is that if all companies refuse to pay, hackers lose their leverage and incentive.

The bigger the impact, the more leverage the attackers have. When you see hospitals turning away ambulances at the door, it becomes really hard to ignore or take the time to rebuild systems altogether. It’s legal to pay the attackers off and many companies find it much more cost-effective to do so.

Hackers, then, are rewarded for their efforts and the cycle continues. The result? Companies spend millions in ransom to get their compromised systems running again. Individuals have their personal information compromised regularly and governments are grappling with an issue they’re now ranking as dangerous to national security as terrorism.

Okay, Well What Can we do About it?

On an individual level, it really is as unglamorous as brushing up on cyber hygiene. The Daily podcast cites the saying that, “security is only as good as your weakest link” and it usually ends up that the weakest links are employees and individuals. The Colonial Pipeline attack was traced back to a single employee with a compromised inactive account.

Josh Hornung at Hornung Technology Services, which specializes in IT Support and Cyber Security services said, “A good unique password for each site is step one. Enabling two-factor or multi-factor authentication everywhere you can is step two. Too many people use the same password across many accounts, which is how a lot of this stuff happens nowadays.”

Even the professionals aren’t immune. Hornung knew of an IT professional at a different company who got hacked. He said the attackers “stole a spreadsheet where he kept all of his clients’ logins and security info.” From there, they “started logging into his clients and infecting them with ransomware.”

On a company level, you can either build your systems correctly on the front end and save yourself a world of hurt, or you can fix the problem retroactively and pay dearly for it. And no matter what: the right time to start fixing what’s broken is right now. To quote Hornung, “It’s wild out there!”

How Does PayReel Keep Clients Safe? 

With the mountains of personally identifiable information we handle each day, security is hugely important to us. We train our employees regularly on cybersecurity and we pay people to try to infiltrate our systems just to find vulnerabilities. At this point, such penetration tests might be a good idea for most companies—even those that only handle smaller-scale data.

That might not seem very glamorous, but in this case, boring is exactly what you want. If your systems are secure, hackers may be inclined to move along to the low-hanging fruit and leave you alone. Either that or you can become fluent in Russian and start operating all of your business in Russian. нет? Okay, well then get on it.

Note: We relied heavily on The Daily’s podcast episode “Who is Hacking the U.S. Economy? ” for this post.

The post What do Supply Chain Shortages, $1.2 Billion, and Compromised Healthcare Have in Common? appeared first on PayReel .

To view our Partner blog, click here

Security is Everything 

How Do You Prevent a Security Breach And Stay Out of The News? 

The post How to Prevent a Security Breach And Stay Out of The Headlines appeared first on PayReel .

To view our Partner blog, click here

Anyone else have a whole folder dedicated to CYB? How about a whole company dedicated to doing that on your behalf? That’s basically what an Employer of Record (EOR) is.

Clients usually come to us with three main CYB dreams for payroll

1. Keep workers happy with on-time, accurate payroll.
2. Keep the government happy with accurate worker classification and compliant practices.
3. Keep our lawyers happy knowing numbers 1 and 2 are happening seamlessly and consistently.

Within those dreams lie many other goals

1. To be able to hire quickly without changing headcount
2. To be able to hire freelancers for special projects
3. To hand off the legal risks of payroll and compliance to someone with the tools to get the job done right
4. To be able to onboard quickly
5. To be able to do business in multiple states without having to know all the rules of each of them 

In order to accomplish all of these goals, companies without a highly specialized internal team (nearly everyone except the really big companies) outsources payroll with either an Employer of Record (EOR) or a Professional Employer Organization (PEO). 

What does an EOR do?

An EOR handles payroll and takes on the paperwork and associated legal risks of employing people. It also allows businesses to add workers without changing their headcount. While an employee performs work for your business, the EOR serves as an employer for tax purposes and handles all personnel functions, including payroll processing, taxes, contracts, benefits, employment termination, background checks, worker performance issues, Certificates of Insurance, workers’ compensation, data security, and more. 

What does a PEO do?

A PEO partners with a business as a co-employer to provide HR services and allows a company to outsource some of the HR load. The business still holds all related liabilities and responsibilities and is also still required to carry its own insurance. PEOs are a good option for companies that need to outsource some services without handing off legal liabilities. 

We are in the business of protecting your business. 

Payroll is very complex and is one of the riskiest aspects of doing business as a highly-specialized process of doing payroll in a timely, secure and compliant manner. Payroll is also really easy to mess up. Errors are not just inconvenient and embarrassing, they are sometimes also incredibly costly due to IRS fines and other costs associated with righting a wrong.

Outsourcing payroll means outsourcing risk and makes business sense to most organizations and keeps the company in good standing with the people on the front lines as well as government agencies. 

Ready to CYB with an EOR? Well, here we are ! 

The post What Employer of Record (EOR) Means And How it Can Cover Your Butt (CYB) appeared first on PayReel .

To view our Partner blog, click here

There’s a battle playing out in court over which workers can be classified as independent contractors versus employees. The legal wars demonstrate one important fact for employers: The IRS takes the practice of hiring independent contractors very seriously. That means you should, too.

Independent Contractors (ICs) are self-employed and hired to do a specific job. They receive payment only for the work performed. Unlike a regular employee, they pick their jobs and regularly move from client to client, business to business. Also referred to as freelancers, consultants and 1099’s, they report their own business income and pay self-employment taxes.

Hiring an IC is attractive to those companies looking for outside creative resources, and who want to outsource work that is not central to their main line of business. The work is project-oriented and is typically completed in a short amount of time. It’s also easier on the budget to pay your IC as a vendor, not as an employee.

Sounds nice, right? But there’s a big catch.

The IRS has very strict guidelines that define true business-to-business relationships. These guidelines are meant to prevent firms from misclassifying would-be employees, thereby avoiding a bounty of state and federal taxes.

Is your IC really an independent contractor?

This is a deceptively complex question. It’s important to confidently be able to answer “yes”, because the risk of facing an IRS audit has never been greater.

Best practices when working with an independent contractor:

• Contractor has an established business entity, with a business name and EIN
• Your contractor provides services to other businesses outside your firm
• IC provides certificates of insurance, including at the least coverage for general liability insurance and worker’s comp insurance
• You have a signed per-project agreement for services between your company and the contractor
• Independent contractors work for multiple clients
• Projects have a contract specifying project length, compensation and liability
• Independent contractor does not function as a division of your company

When working with your contractors:

• Do not train a contractor, direct their work responsibilities or define their work schedules
• Independent contractors should use their own equipment
• Do not provide any employment benefits, such as health insurance and corporate stock options
• Contract on a per-project basis
• Keep in mind that this is a business-to-business relationship

Prevent an audit with contractor payroll solutions

Audits are costly and time-consuming even for businesses that do everything by the book. How much are you willing to pay in time and hassle for employee misclassification? If you have any questions about independent contractor status, trust PayReel to help you make the determination.

We screen each employment situation carefully to assess the entire relationship to make sure you are in complete compliance.

Let us save you years of headaches

PayReel and sister company Crew Connection have a 40 combined years of experience helping companies navigate the complex issue of compliance and working with independent contractors. Call us at 303.526.4900 or email info@payreel.com.

The post Audits suck: Are your independent contractors putting you at risk? appeared first on PayReel .

To view our Partner blog, click here

Elizabeth Lewis is a client relationship manager. If you have a problem, she has a solution.

Before joining the team at PayReel, Elizabeth spent seven years working with a diverse set of clients and organizations at The Kimmel Center for the Performing Arts in Philadelphia. She has a natural passion for building relationships and spreading joy to those around her. This has become a cornerstone to her commitment to excellence in customer care.

A native of The Garden State, Elizabeth will grow things wherever she can find the space. She also loves animals, especially horses, and is looking forward to fishing in the mountains of Colorado.

Something else: Elizabeth thinks there’s nothing tastier than steaming hot fries dipped in a vanilla milkshake!

Give our client relationship team a call at 303-526-4900. Elizabeth or one of the other team members will help you find solutions for your worker classification or payroll challenges . Go ahead. Try us.

ABOUT PAYREEL:

At PayReel, we minimize the time and effort it takes to get you ready for your project. Rely on PayReel to assume all of the risks associated with worker classification and get back to the business at hand. We make sure everyone gets paid quickly and easily and have Client Relationship Managers on call around the clock to answer your questions. All you have to do is call 303-526-4900 or email us. The PayReel team makes video production, live events, media, and entertainment payroll easier, faster, and seamless

The post Meet the team: Elizabeth Lewis appeared first on PayReel .

To view our Partner blog, click here

In today’s blog let’s look at the difference between temporary and part-time work.  These two concepts can sometimes be confused with each other.

Part-time employees always work less than a full-time workweek. Society for Human Resource Management (SHRM) defines part-time work as someone “who works 1 to 30 hours a week.”  Part-time employees generally work on a regular schedule. This schedule may change but the employment relationship is ongoing and indefinite.  Most companies will directly hire part-time employees. Historically, many companies do not offer part-time employees health or other benefits. Many states and jurisdictions have implemented mandatory sick leave for part-time, W2 employees.

Temporary work is generally sporadic and not governed by a fixed or regular schedule. In the production industry we tend to refer to this as project based or day hire work. Some businesses and government agencies hire their own temporary employees directly while others prefer to use companies that provide this service such as TeamPeople.

Many companies that initially hire their own “temporary employees” start to utilize these individuals in a manner that blurs the line between being a temporary employee or a part-time employee. In some cases the line may even start to blur with these individuals working in a manner that appears to be close to full-time. That is when the risks increase that the employee may be misclassified.

Most companies pay their part-time employees via their payroll system and withhold the appropriate federal, state and local taxes. They also pay workman’s compensation on these individuals. The use of temporary workers typically includes issues related to determining whether the person is an independent contractor or an employee. This impacts whether they are paid via payroll or through the payable system. We will examine this issue in another blog.

At TeamPeople, our roots are in the broadcast production industry. We like to say we are media people staffing media people. The principals and staff at TeamPeople have years of experience in the industry as producers, editors, broadcast engineers, production managers, and in related management, creative and technical positions. As members of the production and AV community we understand the staffing issues faced by our clients in today’s competitive environment.

We are also a staffing company and members of the American Staffing Association. Through our involvement with this organization, we stay current with employment laws and topics of interest to our clients such as co-employment and changes in health care laws.

To view our Partner blog, click here