Time is running out

Save on your 2019 IT purchases with Section 179 tax deductions

“Save Money” by Got Credit is licensed under CC BY 2.0

Increased limits and new tax rules may significantly offset the purchasing and leasing of business equipment for the year, but the equipment must be placed into service before December 31st.

What Is this?

The IRS states Section 179 of the Tax Cuts and Jobs Act of 2017 allows businesses to deduct the full price of qualifying equipment, including hardware & software, purchased or financed during the tax year.  This tax deduction is limited to $1 million for 2019.

What purchases qualify?

Most new and used (must be new to you) equipment purchased outright, leased or financed qualifies, provided it is placed into service by December 31 of the tax year claimed.

Why is this important?

  • Microsoft is ending support and security updates for Windows 7 and Server 2008 in January, and this deduction could completely offset replacement costs.
  • Equipment upgrades can increase productivity, improve your IT security posture, and meet demanding new regulatory requirements.
  • New and growing businesses can expand without having to amortize these purchases over the course of several years.

Whatever the reason, the Section 179 deduction may significantly offset the purchasing and leasing of equipment by providing an immediate sizeable tax break. However, you must finalize equipment purchases and leases now to benefit.

RWA is here to help you. Contact us now for your IT purchasing, leasing, installation, project management and other technology support needs.

For more information on this tax deduction, please visit the Section179.org website and consult your tax, legal and accounting advisors.

RWA is an Information Technology company and Managed Services Provider. We do not provide tax, legal or accounting advice or opinions. This material is for general information purposes only, and is not intended to provide, and should not be relied on for, tax, legal or accounting advice. You should consult your own tax, legal and accounting advisors before engaging in any transaction.

2 Months Left to use Windows 7

Windows 7 will reach end of life on January 14th, 2020. At that time, Microsoft will cease releasing security updates for most of their customers, and anyone that needs to meet security regulations for their business will need to upgrade to Windows 10.

RWA technicians will be busy over the next few weeks and holiday season, upgrading operating systems and meeting the needs of new customers. If your business needs to upgrade, please reach out to us immediately for scheduling.

Fall 2019: After many years, this is the best time to upgrade or buy a new computer.

New Laptops

One of the best new releases is the Asus Zenbook Pro Duo, pictured above. Rather than wasted space above the typical laptop keyboard, Asus added a second screen that will help programmers and researchers enjoy improved productivity.

The End of the GPU shortage

ASIC devices have replaced GPUs for the vast majority of bitcoin mining loads.

For many months, Bitcoin mining reduced the supply of graphics processing cards on the market to zero. Last year, newer graphics cards started to hit the market at the same time ASIC devices came along to replace GPUs for mining. With any luck, affordable graphics performance is here to stay.

The End of the RAM Shortage

Volatility and price drops in the retail RAM market

Due to high demand and slow production – and possibly illegal market manipulation – RAM prices dropped from over $240 for a set of 8GB modules to $90 in the span of a year. While the market has been unstable over the last two months, this was a significant cost as part of a typical $600 low-end computer.

Solid State Drives and Optane

A speed boost for your traditional hard drives.

There’s one blanket recommendation we make to all of our clients these days – if you run Windows 10, you should run it on a Solid State Drive. Modern operating systems simply keep the spinning platters of a traditional Hard Drive too busy, wasting time and productivity for your staff. Solid State Drives cost significantly more on a per-megabyte basis, but often run 20 to 40 times faster. Newer NMVe drives and motherboards eliminate traditional disk drive transfer interfaces, allowing for even better performance on new computers.

If you need a large hard drive but want a bit more speed, Intel’s Optane is here to help. As the successor to Intel’s “Rapid Storage Technology”, Optane is a small-but-fast SSD designed to cache the most frequently accessed parts of your traditional hard drive.

RWA is your preferred partner for a changing world of information technology.

Our technicians and purchasing officers constantly train and keep their knowledge up-to-date, ensuring our clients always get the best advice and recommendations for their hardware and cloud investments. Are you ready to remove IT roadblocks that are keeping you and your staff from reaching their full potential? Schedule a complimentary IT health check today!

What does the UK, Windows 7, and the VW Beetle have in common?

A short list of everything going away or shutting down over the next few month:

Microsoft will stop supporting Windows 7.

The UK is leaving the EU.

Volkswagen will stop producing the Beetle.

MoviePass is failing.

Every Disney, Star Wars, and Marvel movie on Netflix will go away.

Old Towne Road rides into the sunset, hopefully.

… And that’s just the tip of the iceberg.

Fortunately, RWA can help. If you schedule an appointment in the next few weeks, our technicians can visit your site, take stock of all of your Windows 7 computers, and put together your upgrade plan for Windows 10.

Windows 10 End-of-Life takes place on January 14th, 2020. All services and support for that product will end at that time, and your business will need to upgrade before that date.

Preparing for Windows 7 End of Life

Image Credit: Managed Encryption

Windows 7 is currently in an ‘extended support’ status that ends on January 14, 2020. After that date, only volume licensed customers will be able to purchase support from Microsoft – at escalating rates – for the next 3 years. For everyone else – home users and business users alike – you’ll need to upgrade to Windows 10 if you intend to keep receiving software updates from Microsoft.

If you run a business that abides by any sort of regulatory compliance, you will need to upgrade to an actively supported operating system.

Back Up Your Data

If you have any in-progress projects or data that doesn’t already reside in the cloud or have a backup available, you’ll want to take care of this before upgrading to Windows 10 or allowing Windows 7 support to expire. While the upgrade process is more straightforward than it has ever been before, there are always exceptions to the rule. Take your time, catalog your data, and keep it safe – an ounce of prevention is worth a pound of cure.

Upgrading to Windows 10

If you’re a home user, upgrading to Windows 10 is a simple affair – purchase the retail product, insert the USB drive, and following the prompts.

However, if you’re a business – especially one with a managed network and domain – we recommend reaching out to RWA for consultation and network assessment. A typical modern workplace will have at least one or two “line of business” applications with specific technical and regulatory requirement. We will analyze your firewall, servers, and connected workstations, then provide detailed guidance on hardware requirements and upgrade planning. RWA technical specialists will ensure a smooth transition from Windows 7 to Windows 10.

Migrating to the Cloud

In recent years, Microsoft Azure and Amazon AWS have started offering cloud-native virtual desktops. Starting at $20/month, cloud VDI allows your employees to access their desktop and applications anywhere they go, freeing businesses from the need to secure and support actual PC and laptop hardware. Meet with us today to discuss options and plan your next steps into the cloud.

The Risk of Doing Nothing

The most significant cyberattacks of the past decade relied on exploits carried out against unsupported operating systems and features, notably Windows XP. In an effort to contain the damage, Microsoft released a support for that operating system years after support officially ceased. Businesses that stay with Windows 7 after 2020 not only put their employees and data at risk, but could possibly held liable if their compromised equipment is used to launch attacks against other targets.

Ready to upgrade to Windows 10? Reach out to RWA to schedule an initial complimentary IT health check, and let’s work together on a plan to modernize your business environment.

Additional Information, External Articles:
Managed Encrytpion – Security risks as Windows 7 goes End of Life – key things to consider [ managedencryption.co.uk ]

6 top HIPAA compliance myths and the truth

One of the biggest potential challenges when it comes to medical IT is HIPAA compliance. It’s true that HIPAA is a serious matter that you must handle with care. But don’t let concerns about HIPAA scare you away.

Here are 6 common HIPAA myths and the truth behind them.

Myth: You only have to think about it once

It would be nice if HIPAA was something you only had to deal with once. But it is not something you can put into place once and then forget about it.

In truth, HIPAA is an ongoing responsibility and companies need to continually monitor their own compliance. As with most types of issues that require attention and motivation, people may start taking shortcuts over time. Make sure your company has a well-defined and well-funded plan to address HIPAA compliance.

Myth: HIPAA violations only affect medical information

The entire purpose of HIPAA is supposed to be protecting the privacy of individual health data. But according to an article in CIO magazine, violations often reflect other security risks as well. Many companies have to outsource their IT and records management functions and not all companies are equally diligent.

A company that violates HIPAA regulations is also more likely to put other sensitive data at risk as well. Corporate security breaches, whether of HIPAA information or credit data, can result in significant fines and public relations nightmares. Read here to learn more about why you need a disaster recovery plan.

Myth: You don’t have to worry about enforcement

There’s more than one government agency in charge of enforcing HIPAA compliance. Several government agencies are obligated to ensure that companies are compliant with the law. Some of the government offices who check to make sure you’re compliant with HIPAA include the following:

  • Office for Civil Rights
  • Department of Justice
  • State and federal attorneys general
  • Federal Trade Commission

You don’t need to be terrified of the government’s involvement, but you also can’t take for granted that it will be okay at any point to take security management less seriously. If you need some outside help setting up a compliant system consider an expert IT consultant.

Myth: Only physical records and personal contacts matter

It’s true that you have to be mindful of privacy when discussing patient medical records. It’s also true that you have to protect the security of physical records. But even cloud-based storage systems need to be compliant with HIPAA regulation.

Related: HIPAA compliance in the cloud? 3 things you need to know.

Myth: Some people don’t have to worry about compliance

Everyone who comes into contact with medical records is responsible for maintaining their privacy. Some people may have the misconception that only the initial healthcare provider has to maintain the patient’s privacy. But in today’s healthcare climate, records can pass through many sets of hands.

According to Forbes, each person who has contact with patient records is responsible for keeping them private, including subcontractors, data centers, and other third parties. That also includes claims processors, data entry, utilization review, and practice managers, to name just a few.

Myth: Your data is too insignificant to matter

Some companies think that they’re too small to matter. They mistakenly think that hackers are only concerned with large companies or personal credit card information.

According to the blog Security Metrics, personal health information is much more valuable than credit card information. The former collects a couple hundred dollars for each health record, while credit card numbers only go for a dollar or two. Fortunately, there are best practices you can follow to protect your data,  including updating software and improving staff training.

Being HIPAA compliant isn’t optional and it matters to every healthcare business. But with careful attention and good network security, you can protect both your patients and your business.

How to send a HIPAA compliant email

These days, it would be unthinkable to operate any kind of business without email or other forms of electronic communication. And it’s a pretty standard practice among businesses of all sizes to at least be aware of security issues such as phishing, address spoofing, viruses, and spyware. For businesses that deal with protected health information (PHI) however, there is an added layer of security required.

We’re talking about the Health Insurance Portability and Accountability Act, most commonly known as HIPAA. HIPAA sets the standard for protecting sensitive data. All businesses dealing with PHI are required to make sure that physical, network, and administrative security measures are in place and kept in compliance.

Included in these considerations is handling HIPAA compliant email.

What’s involved?

HIPAA requires that PHI is secure both when it’s being sent and when it’s not. The email must be protected by levels of unique usernames and passwords for PCs and servers, and secure encryption procedures each time the information is sent or received.

This means that it’s not recommended to use common, free internet-based email services. If you do use an internet-based email service, you must have a signed Business Associate Agreement (BAA) which confirms that administrative, physical, and technical safeguards are being maintained. The BAA will generally cover the host server responsibility, but you’re still required to protect every other part of the email or transmission chain.

Encryption, particularly for stored files, is also your responsibility. There are many options available for encrypting data on your own computers, and failure to take steps to use encryption could result in heavy fines.

How to keep email secure

What to consider when setting up secure email procedures

  • Many email servers will encrypt emails from sender to recipient. If the recipient is not a client of that server, they are given the option to securely connect to the server in order to receive the email.
  • Patient portals allow for secure storage of PHI and other communications. An email is sent to the recipient informing them of an incoming message. They can then log in and securely receive the message.
  • When setting up your own email accounts, use strong password protections and possible 2-factor authentication.
  • While email disclaimers and confidentiality statements aren’t a guaranteed protection for you, said disclaimers should clearly state that the information sent is considered PHI and should be treated as such. This is not a replacement for encryption or other security measures.

What about the patients?

HIPAA realizes that you have no control over the email clients and security patients may use. The regulation states that as long as you’re using secure email and encryption on your end, you are not responsible for what happens on the patient’s end of things. Well… there are a few conditions:

  • You must have a fully secure, alternate option for patients to receive information (such as a patient portal).
  • You must inform patients that their personal email clients may not be secured. If they still want the information, it’s all right to send it.
  • You must document the above conditions.

Protecting different types of emails

Not all emails are sent from a provider’s office to a patient. Emails sent between doctors located in different locations, and not sharing a secured network or email server must also use encryption. Likewise, doctors who email PHI from their home computers to their work accounts must use encryption to avoid HIPAA violation. While in-office emails using the same secured email server don’t have to worry about additional encryption, remote access situations must follow encryption procedures.

In conclusion

Don’t become overwhelmed by the many requirements for sending a HIPAA compliant email. Consider working with a managed IT services provider experienced in HIPAA compliance and technology.

Healthcare-Specific Security Threats You Need to Avoid in 2019

The healthcare sector experiences twice as many cyberattacks as any other industry. Still, healthcare professionals invest less than 6% of their budgets in cybersecurity.

What gives?

If you are a medical professional, now’s as good a time as any to beef up your security efforts. As a result, you can safeguard patient data and prevent hackers from stealing sensitive information. Here are some healthcare security threats to look out for in 2019.

Phishing attacks

Phishing attacks are becoming a bigger concern in healthcare. This type of security threats starts when a healthcare clicks on an infected email. Once this malware infiltrates a computer system, it can access valuable files and folders.

“The attacker can then use this software to gain access to the healthcare organization’s financial, administrative and clinical information systems,” says Tech Crunch.

Phishing attacks can have a detrimental impact on a hospital or medical practice. Malware often renders computer systems unusable, which has a significant impact on patient safety. In this scenario, doctors and nurses are unable to access important records. In turn, this can put organizations in big trouble in terms of compliance and liability lawsuits. And, in rare cases, it can even put patients’ lives at risk.

These type of attacks greatly increase the chances of hackers stealing valuable data.

Old legacy systems and networks

Old computers and networks could increase security vulnerabilities. As you may expect, Legacy systems may not function as efficiently as newer ones, and they often lack the latest security patches and updates.

“Healthcare is vulnerable due to historic lack of investment in cybersecurity, vulnerabilities in existing technology and staff behavior,” says Science Direct.

Even if medical organizations lack the money to invest in brand new technology, they should take steps to improve their network security. Installing the latest security software and a firewall, for example, and getting rid of old programs could prevent data from being stolen, increase compliance and increase patient trust.

Staff misuse

Insider misuse makes up 15% of all security breach incidents. Usually, this involves medical employees gaining unauthorized access to sensitive data and sharing it with other people.

“Surprisingly, the reason insider misuse stands out in the healthcare industry is because of the amount of people who get jobs in the industry for the sole purpose of infiltrating the system and gaining access to patient health information,” says the University of Illinois at Chicago.

Encrypting valuable data and setting up access controls — where only certain members of staff can access information. This could help to reduce this problem.


Ransomware is one of the biggest security threats in healthcare right now. In May 2017, a ransomware attack called WannaCry targeted computers running the Microsoft Windows operating system and had an impact on Britain’s National Health Service — the biggest single-payer healthcare system in the world.

A similar ransomware attack on your organization could spell disaster. Once ransomware infects your computer, you will probably be unable to access files and patient records unless you pay cybercriminals a ransom.

These are just some of the security threats you need to avoid if you work in the healthcare sector. However, working with a professional who takes care of your security defense needs will reduce phishing attacks, ransomware, staff misuse and old legacy systems from malfunctioning.

4 end-user security best practices

Cybersecurity is the first line of defense in your organization. Making some simple changes to your security protocols will not only prevent hackers from stealing valuable data, but improve productivity in your workforce.

The result?

Less chances that you’ll experience downtime due to a security threat. Here are 4 end-user security best practices that you need to know about.

1. Think up new password management strategies

Cybercriminals are becoming increasingly savvy when guessing passwords and accessing computer systems. Right now, millions of accounts are at risk because of inherently weak passwords.

Research shows that 25% of employees only change their password at work when the system tells them to do so. It’s statistics like this that should encourage you to improve your password management strategy.

Here are some quick password management tips:

  • Encourage your staff to change their passwords on a regular basis — every three months or so.
  • Password-protect all your devices, including smartphones and tablets.
  • Choose passwords that contain a combination of letters, numbers and special characters.

2. Limit access to your computer systems

Insider threats could result in security vulnerabilities and, even worse, a full-scale data breach. Research shows that insiders make up 75% of all data security incidents. You can prevent this from happening in your own organization by limiting access to sensitive data.

First, encrypt your most valuable documents, files, and folders. (A professional can help you do this.) This will make it harder for insiders to access important information. Second, set up user access controls on your systems. This will prevent the wrong people from accessing important data.

3. Improve staff training

Human error can often lead to cybersecurity risks. This is why you should provide your staff with computer security training. It will help employees understand the biggest cyber threats to your business and ensure that they handle data in the proper way.

“CIOs and CISOs need to ensure that every employee in an organization is aware of the potential threats they could face, whether it’s a phishing email, sharing passwords or using an insecure network,” says Information Age.

Investing in training might sound expensive, but it could pay off in the long run and provide you with a significant return. After training, staff are less likely to make mistakes. As a result, you will spend less money on fixing staff-related security issues and concentrate on other areas of your business.

4. Update your software

Old software and legacy systems can impact network security. This is why it’s a good idea to update old programs with the latest security patches on a regular basis. Although this might be time-consuming, it will provide you with an extra layer of security.

“The truth is it’s easy to skip software updates because they can take up a few minutes of our time, and may not seem that important,” says McAfee. “But this is a mistake that keeps the door open for hackers to access your private information, putting you at risk for identity theft, loss of money, credit, and more.”

These 4 end-user best practices will optimize security management in your workplace and reduce the risk of a cyber attack. Investing in staff training, limiting access, updating old software and creating a new password management strategy will help you safeguard your most valuable data.


3 Business Problems That an IT Consultant Can Solve

An IT consultant wears many hats. They monitor your network performance, ensure your compliance, and evaluate your hardware infrastructure. But how do these services actually benefit your business?

Here’s something that might surprise you: An IT consultant could save you cash AND prevent hackers from stealing your customers’ credit card details.

Here are 3 business problems an IT consultant can solve.

Problem #1: Hackers are trying to steal your personal information

As you know, cybersecurity is a huge concern for almost every business owner. With more data breaches making the news, you’re probably concerned about the personal data you keep on your hard drives and servers.

43% of cyber attacks target small businesses, and 62% of companies have been victims of social engineering and phishing scams. These are sobering statistics if you own a small business.

The solution:

A good IT consultant can monitor your network performance and create network health reports so you have the peace of mind you need when it comes to computer security. A professional can also evaluate your infrastructure and suggest any necessary upgrades and adjustments that will improve network security in your workplace.

This way, you know that all the data stored on your hardware is safe and secure.

Problem #2: You’re spending way too much cash on IT

The average company spends 5.2% of their total budget exclusively on IT. For some big brands, this means spending millions of dollars on the latest hardware and software that optimizes performance and increases productivity. Many small businesses, however, just don’t have these budgets. They feel like they are spending way too much cash on IT as it is.

How can they cut costs?

The solution:

An experienced IT consultant can evaluate your current IT budget. Based on their evaluations, they can make suggestions that will save you money in the long-run. They might advise you to get rid of hardware that costs too much money to maintain, for example. They might simly deploy software that saves you cash. You can then optimize your income and expenditure and use all the money you have saved to invest in other areas of your business.

Problem #3: You’re struggling with compliance

If you own a small business, there are various laws and regulations that you need to adhere to, especially when it comes to data protection. If you don’t, the authorities could fine you or, worse, you could go out of business. It can be difficult to keep track of all these rules, though. Sometimes, you need a helping hand — someone who can improve compliance in your business and make sure you don’t get into trouble.

The solution:

The right IT consultant will ensure you adhere to all the relevant data protection procedures in your sector and prevent you from being fined. If you operate in the healthcare industry, for example, an IT consultant can make sure you are HIPAA-compliant. As a result, you can safeguard patients’ personal information at all times.

These are just 3 business problems an IT consultant can solve. If you are spending too much money on IT, want to boost your security credentials and improve compliance, investing in managed services could provide you with a decent return on your investment.