Call Us 866-784-9550

pumpkin background

November 2017 E-Newsletter

Business Corner: Cyber Security Best Practices for Small Businesses

The impact of the Equifax data breach that compromised the personal data of over 145 million individuals has left many confused, frustrated and downright angry. And while massive attacks on large corporations make headlines, small businesses have just as much, if not more, at stake.

According to data analyzed in a report by Hiscox, an insurance provider, cyberattacks are likely to have a bigger financial impact on small businesses. The 2017 report found that small businesses with under 99 employees faced an average cost of $36,000 after a cyberattack. Less advanced security protection, a smaller budget dedicated to cyber security and fewer resources for a fleshed-out IT department make small businesses an ideal target for hackers.
What, exactly, is a cyberattack?
A cyberattack is an unauthorized attempt to expose, destroy or access your data. According to a survey of 700 business owners by BuyBizSell, an online marketplace for small businesses up for sale, 1 in 10 small businesses have been attacked. The three most common attacks cited were general malware, web-based attacks, and phishing scams or social engineering.
General Malware. Short for malicious software, malware acts against the intent of the user, and can come in the form of a virus, Trojan horse or worm. Ransomware — a form of malware that demands money to avoid a negative consequence, like permanently deleting your data or publishing it publicly — costs small businesses approximately $75 billion a year, according to a 2016 report by cyber security company Datto.
Web-based attacks. A web-based attack is when malware gets access to your computer via the internet. There are multiple ways for this to happen, including malicious websites that present themselves as legitimate, and hackers who insert malicious code into the code of a legitimate website.
Social engineering scams. A social engineering attack is when a hacker tricks you into giving up personal information like credit card numbers, Social Security numbers or bank information. It is also known as phishing.
How can I protect myself and my customers?

Educate yourself
For October, which is National Cyber Security Awareness Month, Microsoft is offering a series of free cyber security workshops for small-business owners, co-sponsored by the National Institute of Standards and Technology, or NIST, and the U.S. Small Business Administration. The SBA also offers a self-guided online course in cyber security basics.
Create a cyber security plan
Your cyber security plan should include an employee training program and incident response plan. The first step to securing your network is to make sure your employees understand security policies and procedures. Training shouldn’t be a one-and-done deal; schedule yearly or semi-yearly refresher courses to keep security top of mind. Help your employees understand the importance of updating their software, adopting security best practices and knowing what to do if they identify a possible security breach.
The faster you act in the face of a cyberattack, the better you’ll be able to mitigate the damage.
An incident response plan will have crucial information such as:
  • whom to contact
  • where data and data backups are stored
  • when to contact law enforcement or the public about a breach
The Federal Communications Commission offers a cyber security planning guide to help small-business owners create a plan to protect their business. (You can download your customized plan at the bottom of the page after you create it.)
Be smart about passwords
The NIST advises government agencies on password best practices. According to the organization’s Digital Identity Guidelines, released in June 2017, NIST recommends passwords be at least eight characters long and notes that length is more beneficial than complexity. Allow your employees to create long, unique passwords that are easy for them to remember.
If you deal with highly sensitive data, you may want to require multifactor authentication, which requires users to present at least two identifying factors, like a password and a code, before gaining access to systems or programs. Think of it like an ATM, which requires a combination of a bank card and a PIN to access funds.
Increase your email security
According to cyber security company Symantec, in 2016, 1 in 131 email messages were malicious — this is the highest rate in five years.
Basic email safety precautions, like not opening suspicious attachments or links, are a first step that can be covered in your employee training plan. If you deal with clients’ personal data, you can also encrypt documents so both the sender and the recipient need a passcode to open it.
Use a firewall and antivirus software
A firewall acts as a digital shield, preventing malicious software or traffic from reaching your network. There are many kinds of firewalls, but they fall into two broad categories: hardware or software.
Some firewalls also have virus-scanning capabilities. If yours doesn’t, be sure to also install antivirus software that scans your computer to identify and remove any malware that has made it through your firewall. It can help you control a data breach more efficiently by alerting you to an issue, instead of you having to search for the problem after something goes wrong.
Secure your Wi-Fi network
Any type of Wi-Fi equipment you receive will not be secure when you first buy it. And no, you shouldn’t keep the default password that comes with your device — there are resources online for hackers to access default passwords based on model numbers of popular routers, so make sure your network is encrypted with your own, unique password. Your router will likely allow you to choose from multiple kinds of passwords; one of the most secure is a Wi-Fi Protected Access II (WPA2) code.
You’ll also want to hide your network, meaning the router does not broadcast the network name. If customers or clients will need access to Wi-Fi, you can set up a “guest” account that has a different password and security measures, which prevents them from having access to your main network.
Protect your payment processors
It’s crucial to work with your bank or payment processor to ensure that you’ve installed any and all software updates. The more complex your payment system, the harder it will be to secure, but the Payment Card Industry Security Standards Council offers a guide to help you identify the system you use and how to protect it.
The article Cyber security Best Practices for Small Businesses originally appeared on NerdWallet.

How to Budget for December Holidays

You still might have pumpkins on your porch, but it’s already time to make room for the year-end holidays in your budget.
“I was at Costco the other day, and I already saw Christmas trees, [so] we need to be thinking about it right now,” says Nick Givogri, a California-based regional executive for investment service Merrill Edge.
Here’s how to get started:
Work backward
Your past holiday spending is the best indicator of what you’ll spend this season, says Robert P. Finley, a certified financial planner and principal at Virtue Asset Management in Illinois.
“Try to get your credit card statements,” Finley says. “Try to look at your bank statements. What did I spend on presents? Did I have to do traveling? Did I have to fly somewhere?”

Once you’ve estimated past expenditures, create a baseline for this year that includes what you can reasonably save over the next few months.
For presents, Finley recommends setting a total and dividing it by the number of people on your list. Then prioritize. “If you’re going to spend $1,500 and you have 15 people on your list, some of them you might want to spend more than $100, and others you might want to spend less, and then you can work that way,” he says.
But presents aren’t all you’ll buy. Account for decorations, travel, donations and more. And don’t forget to build in a miscellaneous category. It’ll give you extra cushioning in case a co-worker gives you an unexpected gift — and you feel compelled to reciprocate.
“It’s always better to have a little extra room or miscellaneous — and then you don’t use it and it goes back into savings — than maxing out, and then something comes along and you’re stuck pulling out of savings,” Finley says.
Look ahead
Setting a spending limit is just the beginning. Budgeting requires discipline and regular check-ins, says Richard K. Colarossi, a certified financial planner and partner at Colarossi & Williams in New York.
“If you don’t revisit it, what’s the sense in having it?” Colarossi says. “You have to match the actuals to your budget and see where you’re over and under.”
Givogri agrees. He suggests setting a weekly reminder on your phone to review how much you’ve spent and how much you have left to spend. If you discover you overshot the budget on a particular gift, there’s hope.
“Make an adjustment to the other gifts or make an adjustment to other expenses that you may have for the particular month,” Givogri says, citing strategies such as eating meals at home to save money in anticipation of potentially costly holiday outings.
And always keep your budget’s ultimate goal in mind. It might be focused on the months of November and December, but it will affect your finances well into the New Year.
“When you do a budget and start setting aside some money now, you’re probably going to help reduce credit card debt,” Colarossi says. “Otherwise, if you don’t budget and have the money set aside, what’s going to happen? It’s going to go on credit.”
You don’t have to pay for your presents in cash, but you should have the cash to pay them off so you’re not left with hefty interest fees, Colarossi adds.
While you’re thinking about all the gifts you’re going to give this year, plan ahead and budget as a gift to yourself.
The article How to Budget for December Holidays in October originally appeared on NerdWallet.

Coulee Bank's Q-Tip: Stop Worrying and Step up Your Online Safety Today

If you are like most people (82 percent of people, in fact), you worry about your online security and are concerned about your accounts being hacked. And for good reason. More than half (51%) of online consumers experienced a security incident in the past year. Whether your passwords and phone number were stolen in the recent high-profile social media hack or you fell victim to the massive phishing scam from earlier this year, the internet can sometimes feel like it’s full of traps waiting to trip you up. Thankfully, there is plenty you can do to step up your security game and surf the internet with greater peace of mind.
First things first, let’s talk about the password. Passwords have been proven time and time again to be ineffective on their own in protecting online accounts. Too many people use simple passwords that can be cracked in seconds, and even those that use stronger passwords could improve their account security practices. We recently conducted a survey (Consumer Account Security Report 2016) about consumer security practices and found that nearly half of people (47%) use a password that hasn’t been changed in five years, and seven in ten (71%) online accounts are guarded by duplicate passwords. Add to that only 61 percent of people change their password after an account has been hacked, and it’s no surprise we are seeing bigger and bigger hacks making headlines each year.
So, if passwords, and our password habits, are failing, what can we do? The answer is 2FA – a second layer of account security that combines something you know (your password) with something you have (such as your mobile phone) to stop hackers from breaking into your accounts. 2FA comes in many forms, but one of the most common and easily available is receiving a one-time passcode via SMS to your mobile phone. Many companies today provide 2FA as a free service, and while not enough people take advantage of this vital security step, progress has been made in recent years. In 2016, 46 percent of consumers had 2FA enabled for one or more accounts, up from 39 percent in 2015 (an 18% increase). To help raise awareness for the power of 2FA and encourage more people to turn it on, we created a free resource that provides step-by-step instructions for how to turn it on for all your favorite accounts – If you haven’t already turned on 2FA everywhere you can, we recommend visiting the site right away.
Stepping up your password game and turning on 2FA go a long way towards improving your online security, but they are not the only steps you can take. Here are some other key tips to help you feel better about your online safety:
  • Lock Your Devices
    • It is always a best practice to use the lock feature in your device’s settings. You should set your devices to lock and require a password for use when you’re not been using them.
  • Get Savvy About Public Wi-Fi
    • Public Wi-Fi availability can be very convenient, but there are risks involved. Beware of “free Wi-Fi” networks, as it’s is pretty easy for someone to intercept your data in a man-in-the-middle attack. As a general rule, limit the business you conduct on public wireless networks (avoiding banking, shopping and/or entering other sensitive information) and consider using a virtual private network (VPN) or smartphone hotspot for a more secure connection on the go.
  • Consider a Password Manager
    • Password managers relieve the burden of having to memorize all the different, complex passwords you’ve created by managing them all in one “vault” and locking that vault with a single master password. There are many great password managers out there and PCWorld has a great list of four strong options to get your started.
  • Back up Your Files
    • Even with all the protections in the world, accidents and fraud do happen, so it’s important to back up all your important files so you can easily recover them in the event that they are stolen or lost. This is an especially important step in protecting against ransomware attacks, which continue to be used more and more by hackers.
By following each of these steps, you are making great progress to better protecting your online life, but it is also important to stay diligent with your habits and up to date with the latest available security. I encourage you to install key software and application updates that patch security holes and read technology news for important cyber security updates. Finally, be sure to share these tips with friends and family to help them protect themselves as well.

Q-Tips are provided by Coulee Bank's IT Network Risk Manager, Quentin Fisher. He is always on the lookout for ways to keep our customers' information safe, here at the bank, at work and home.
Source: Stop Worrying and Step Up Your Online Safety Today

Saving Money Makes You Happier - Here's Proof

The argument over whether you should invest or pay off debt usually focuses on financial numbers, such as rates of return and interest charges. Maybe happiness should be part of the equation as well.
Studies in several countries, including the U.S., Norway, Ireland and Spain, have found high levels of financial satisfaction among elderly people. Happiness with our money situation tends to rise with age, even though our income peaks in midlife and then generally declines.
Why is that? Further studies show that what we own and what we owe make a difference. One study of 3,751 U.S. adults ages 30 to 80 found that increases in assets and decreases in debt over time “contribute substantially to the life course pattern of financial satisfaction.”
Fair enough. But then two Texas researchers looked into which of those two actions — paying down debt or building up investments — was the bigger contributor. Increasing assets was the hands-down winner.
Which came first, debt or unhappiness?
People with more debt were less satisfied, but lowering their debt loads didn’t seem to make them much happier, says Russell James, a certified financial planner and director of graduate studies in charitable planning at Texas Tech University in Lubbock, Texas. James conducted the study with Scott Garrett, then a doctoral candidate and now a certified financial planner at Ronald Blue Trust in Houston. The pair tracked 839 adults age 50 and older for four years to measure the changes.
The researchers don’t know why the investment effect was bigger but say personality may play a role. In other words, unhappy people may be more likely to get into debt.
“If a person is dissatisfied with where they are in life, maybe that makes them spend more on credit cards,” James says.
We don’t know if the same patterns would be true for younger people, but the researchers were confident enough in their results to advise financial planners to focus on building assets as “the best way to improve client financial satisfaction.”
The thing is, financial planners already take a pretty balanced approach to the “invest or pay off debt” question. They encourage both. They want people to save for retirement and emergencies while educating them about the difference between “good” debt, which helps people get ahead financially, and “bad” debt, which doesn’t. Planners typically prioritize paying off high interest rate debt such as credit cards while taking a slower approach to mortgages and student loans, which tend to have lower, tax-deductible rates.
You’re chasing the wrong goal if …
The people who really need to hear this message are the do-it-yourselfers going all-in on debt repayment, not realizing what they may be costing themselves in the long run. These include people who are:
How much debt is too much depends on an individual’s situation, but if you’re struggling to make minimum payments or your credit cards, medical bills and personal loans exceed half of your income, you’re probably already there.
The reality is that most U.S. families have manageable debt loads, according to the Federal Reserve’s latest Survey of Consumer Finances. Only 7% spend more than 40% of their income on debt payments, the lowest level since 2001.
Where many fall short is with emergency and long-term savings. The Fed tells us 44% of adults can’t come up with $400 for an unexpected expense, while more than half of working-age adults risk not being able to sustain their standard of living in retirement, according to the Center for Retirement Research at Boston College.
It’s particularly important not to stifle retirement savings, since the longer you wait to get started, the harder it is to catch up. You also can’t get back the company matches, tax breaks and compounded returns you pass up.
Being debt-free is a great goal to achieve — eventually. But your haste to get there shouldn’t leave you poorer, and less happy, in the long run.
This article was written by NerdWallet and was originally published by The Associated Press.

Coulee Investment Corner: Brush Up on Your IRA Facts

If you are opening an (Individual Retirement Account) IRA for the first time or need a refresher course on the specifics of IRA ownership, here are some facts for your consideration.
IRAs in America
IRAs continue to play an increasingly prominent role in the retirement saving strategies of Americans. According to the Investment Company Institute (ICI), the U.S. retirement market had $25 trillion in assets as of September 30, 2016, with $7.8 trillion of that sum attributable to IRAs.1 In mid-2016, 42.5 million -- or 34% -- of U.S. households reported owning IRAs.2
Traditional IRAs, the most common variety, are held by 25.5% of U.S. households, followed by Roth IRAs, which are held by 17.4% of households, and employer-sponsored IRAs (including SEP IRAs, SAR-SEP IRAs, and SIMPLE IRAs), which are held by 5.7% of households.2
Contributions and Deductibility
Contribution limits. In general, the most you can contribute to an IRA for 2017 is $5,500. However, if you are age 50 or older, you can make an additional "catch-up" contribution of $1,000, which brings the maximum annual contribution to $6,500.
Eligibility. One potential area of confusion around IRAs concerns an individual's eligibility to make contributions. In general, tax rules require that you must have compensation to contribute to an IRA. Compensation includes income from wages and salaries and net self-employment income. If you are married and file a joint tax return, only one spouse needs to have the required compensation.
With regard to Roth IRAs, income may affect your ability to contribute. For tax year 2017, individuals with an adjusted gross income (AGI) of $118,000 or less may make a full contribution to a Roth IRA. Married couples filing jointly with an AGI of $186,000 or less may also contribute fully for the year. Contribution limits begin to decline, or "phase out," for individuals with AGIs between $118,000 and $133,000 and for married couples with AGIs between $186,000 and $196,000. If your income exceeds these upper thresholds, you may not contribute to a Roth IRA.3
Deductibility. Whether you can deduct your traditional IRA contribution depends on your income level, marital status, and coverage by an employer-sponsored retirement plan. For instance:3
  • If you are single and covered by an employer-sponsored retirement plan, your traditional IRA contribution for 2017 will be fully deductible if your AGI was $62,000 or less. The amount you can deduct begins to decline if your AGI was between $62,000 and $72,000. Your IRA contribution is not deductible if your income is equal to or more than $72,000.
  • If you are married, filing jointly, and the spouse making the IRA contribution is covered by an employer-sponsored retirement plan, your 2017 IRA contribution will be fully deductible if your combined AGI is $99,000 or less. The amount you can deduct begins to phase out if your combined AGI is between $99,000 and $119,000. You may not claim an IRA deduction if your combined income is equal to or more than $119,000.
  • If you are married, filing jointly, and your spouse is covered by an employer-sponsored plan (but you are not), you may qualify for a full IRA deduction if your combined AGI is $186,000 or less. The amount you can deduct begins to phase out for combined incomes of between $186,000 and $196,000. Your deduction is eliminated if your AGI on a joint return is $196,000 or more.
  • If neither you nor your spouse is covered by an employer-sponsored retirement plan, your contribution is generally fully deductible up to the annual contribution limit or 100% of your compensation, whichever is less.
Keep in mind that contributions to a Roth IRA are not tax deductible under any circumstances.
You may begin withdrawing money from a traditional IRA without penalty after age 59½. Generally, previously untaxed contributions and earnings are taxable at the then-current regular income tax rate. Nondeductible contributions are generally not taxable because those amounts have already been taxed.
You must begin receiving minimum annual distributions from your traditional IRA no later than April 1 of the year following the year you reach age 70½ and then annually thereafter. If your distributions in any year after you reach 70½ are less than the required minimum, you may be subject to an additional federal tax equal to 50% of the difference.
Unlike traditional IRAs, Roth IRAs do not require the account holder to take distributions during his or her lifetime. This feature can prove very attractive to those individuals who would like to use the Roth IRA as an estate planning tool.
This communication is not intended as investment and/or tax advice and should not be treated as such. Each individual's situation is different. You should contact your financial professional to discuss your personal situation.
1Investment Company Institute, "Retirement Assets Total $25.0 Trillion in Third Quarter 2016," December 2016.
2Investment Company Institute, "The Role of IRAs in U.S. Households' Saving for Retirement, 2016," January 2017.
3Internal Revenue Service, "IRS Announces 2017 Pension Plan Limitations; 401(k) Contribution Limit Remains Unchanged at $18,000 for 2017," October 27, 2016.

Required Attribution
Because of the possibility of human or mechanical error by Wealth Management Systems Inc. or its sources, neither Wealth Management Systems Inc. nor its sources guarantees the accuracy, adequacy, completeness or availability of any information and is not responsible for any errors or omissions or for the results obtained from the use of such information. In no event shall Wealth Management Systems Inc. be liable for any indirect, special or consequential damages in connection with subscriber's or others' use of the content.
© 2017 DST Systems, Inc. Reproduction in whole or in part prohibited, except by permission. All rights reserved. Not responsible for any errors or omissions.

Not FDIC Insured

No Bank Guarantee

May Lose Value

Not a Deposit

Not Insured by any Federal Government Agency