06 Mar March ’19
You may remember from last month’s column where I mentioned Rootworks’ rebranding initiative. Actually, I want to be sure to define this properly—because it’s not a total rebrand, but rather an evolution of the trusted Rootworks brand. To date, we are only about two weeks away from completing our brand-evolution efforts, which means you’ll start seeing the fruits of our labor next month. Let there be no surprises…you heard it here first.
To offer deeper insight, aside from a fresh new look (which we love), we decided it was time to reevaluate who we are and bring further clarity to the value Rootworks offers the accounting profession. Going through the full brand-enhancement process has created a lot of energy among the Rootworks team as we close in on refining our messaging across all aspects of the business. So, as we begin our second decade of serving the profession, we will do so with an updated brand expression that better represents who we are.
To ensure our brand evolution efforts were successful, we engaged with an outside design and innovation firm that sports the tagline: “We’ll make it perfectly clear,” which was exactly what we sought to achieve. Our goal was to bring more clarity to Rootworks, including how we define the company overall and our core value propositions. Turns out it was a fantastic decision! We were simply too close to the business to objectively evaluate our own brand. Bringing in a fresh and unbiased set of eyes, combined with the tremendous creative talent of the Rootworks team, helped us get to the right messaging and visual representation much faster.
Through all the brand-enhancement work over the past few months, I’d have to say that one of the biggest wins was the gained objectivity into our business. For us, it paid big to have an outsider come in and just listen to both us and our members. And then to have them come back with objective feedback, which was far more validating than any epiphany.
The fact is that any business benefits from added clarity. In our firms, we get caught up in the day-to-day, the routine of it all, which can distract us from elements in need of enhancement. That said, I encourage each of you to commit to gaining more clarity this year…no matter the process you follow to get there.
You’ll get your first glimpse into our brand-evolution efforts after April 15 with the launch of our brand-enhanced website. Same great platform with a fresh new look and feel! Across the board, our core goal was to bring greater clarity—clarity around both the company’s external brand presence and all member education resources and vetted solutions.
I hope everyone experiences a smooth and satisfying tax season! Please know that our team is working hard to support you.
All my best,
PS: Keep your communications flowing during tax season. Stay connected to your clients with ease with our client magazine and content package products. For details, refer to the Rootworks membership page under Creative Services.
Whew! Busy season is here. As crazy-busy as we all are, I want to encourage you to stop and take a pulse of the spirit and vibe of your firm. It is likely that folks are putting in extra time and working hard. It is important to recognize the effort that is being made throughout tax season. Here are a few ideas for your team to consider in order to recognize and show appreciation to one another:
Say thanks—Stop by an employee or peer’s desk to express thanks. If you use an internal messaging platform like Slack, send out messages to your employees or peers who have gone above and beyond to help you or a client.
Share stats—It’s always nice to be able to see the finish line. Share general stats with staff letting them know how many returns have been completed for the week to celebrate the work being done.
Fuel them with food—Consider providing lunch from time to time, and rotate the menu based on suggestions from the group. Bring in breakfast once a week. Stock the kitchen with snacks and drinks based on the staff’s preferences.
Other incentives—Splurge for a massage therapist to come to the office and give chair massages. Write a handwritten thank you note with a gift card to Starbucks. Does your firm have a strict dress code? If so, consider having a dress down Friday.
Words and actions go a long way in conveying appreciation to everyone at the office who works so hard.
Many firms are strengthening their security through user awareness and education, which addresses the most common entry point for data breaches: email. One of the next biggest risks, however, is still an area of concern for many firms. That security risk is the open RDP session to the Internet.
What is RDP? RDP stands for Remote Desktop Protocol. It’s a remote session to a computer. Many firms use RDP to access their systems remotely from outside the office. RDP can run on an individual computer, or on a server in what has been traditionally called a Terminal Services environment. Also, many IT support providers use RDP to access systems remotely for administration. One of the worst breaches experienced by a Rootworks member occurred from an unsecured RDP host.
When RDP is open to the Internet, anyone can access the computer and attempt to login.
To remove this risk, firms must decide if remote access is necessary. If yes, then the answer is a Virtual Private Network, or VPN. VPN services are built-in to most newer generation firewalls. There are other ways to implement VPN, but firewall-based VPN is the best option.
How does an insecure RDP host get compromised? Here is how. It’s so easy, this is considered a low-level hack.
- Nefarious actor runs a sweep on Internet IP address to find live hosts.
- Nefarious actor runs a “port sweep” to determine what ports are open on that host.
- Nefarious actor runs a program to determine what exactly is listening on the open ports.
- Nefarious actor runs a program that continuously attempts to login using common logins
More sophisticated hackers will use pretexting to learn staff names for likely login names (Hint: the Windows default is first initial/last name).
RDP is port number 3389 by default. Even if IT professionals think they are being clever by changing the port number, the nefarious actor will still figure out it’s an RDP port (Hint: programs respond to connection requests and identify themselves).
To reduce risk in this area, take these three steps immediately:
- Lock down open RDP and enable or require VPN for secure remote access.
- Use long passwords with multi-factor authentication on computers that are accessed remotely.
- Remove any non-essential accounts from computers.
A good referral source is like having a free salesperson working for you! During tax season, remember to keep the flame alive with your existing referral sources, as well as work to build new referral channels. Send out monthly communications (emails and mailers) to remind your referrals of who you are and the value you offer to clients. This will help cultivate these relationships and keep referrals sending clients your way.
Educational Webinar schedule set!
Our schedule for Resource Update, Technology, and Planning webinars for 2019 is set. You can register in Rootworks.com on the Events page: https://rootworks.com/events/.
Resource Update webinars highlight all newly added or updated items in Rootworks.com. Register for the May 2 session to get a jump start on reviewing all the material we’ve created during tax season.
Planning webinars are to be utilized for spending time working on your business. Use each session as a checkpoint throughout the year and to help hold yourself and your firm accountable. During the May 23 session, we will also recap tax season, which we always do in the first planning webinar after busy season.
Technology webinars educate participants on new software and improvements to existing software. The specific topic will be announced a little closer to the first Technology webinar on June 6.