Cyber Security Awareness Month: Protecting Your Business from Digital Threats
October 2, 2023
Cyber Security Awareness Month: Protecting Your Business from Digital Threats

October is Cybersecurity Awareness Month, making it the perfect time to safeguard your business against the rising tide of cyber threats. Learn how to defend your company's digital assets and ensure long-term security.


Businesses, both large and small, are increasingly reliant on the internet for daily operations, creating attractive and potentially lucrative targets for cyber criminals.


With such heavy use of and reliance on computers and the internet by both large and small organizations, protecting these resources has become increasingly important. Learning about cyberattacks and how to prevent them can help you protect your company from security breaches.


Cyberattacks Compromise Your Company

Cyberattacks include many types of attempted or successful breaches of computer security. These threats come in different forms, including phishing, viruses, Trojans, key logging, spyware and spam. Once hackers have gained access to the computer system, they can accomplish any of several malicious goals, typically stealing information or financial assets, corrupting data or causing operational disruption or shutdown.


Both third parties and insiders can use a variety of techniques to carry out cyberattacks. These techniques range from highly sophisticated efforts to electronically circumvent network security or overwhelm websites to more traditional intelligence gathering and social engineering aimed at gaining network access.


Cyberattacks can result directly from deliberate actions of hackers, or attacks can be unintentionally facilitated by employees—for example, if they click on a malicious link. According to historical claim data analyzed by Willis Towers Watson, 90 percent of all cyber claims stemmed from some type of employee error or behavior. The high-profile Equifax, Snapchat and Chipotle data breaches were all caused by employee error or behavior.


A breach in cyber security can lead to unauthorized usage through tactics such as the following:


  • Installing spyware that allows the hacker to track Internet activity and steal information and passwords
  • Deceiving recipients of phishing emails into disclosing personal information
  • Tricking recipients of spam email into giving hackers access to the computer system
  • Installing viruses that allow hackers to steal, corrupt or delete information or even crash the entire system
  • Hijacking the company website and rerouting visitors to a fraudulent look-alike site and subsequently stealing personal information from clients or consumers


Cyberattacks may also be carried out in a manner that does not require gaining unauthorized access, such as denial-of-service (DoS) attacks on websites in which the site is overloaded by the attacker and legitimate users are then denied access.


The Vulnerable Become the Victims

The majority of cyber criminals are indiscriminate when choosing their victims. The Department of Homeland Security (DHS) asserts that cyber criminals will target vulnerable computer systems regardless of whether the systems belong to a Fortune 500 company, a small business or a home user.


Cyber criminals look for weak spots and attack there, no matter how large or small the organization. Small businesses, for instance, are becoming a more attractive target as many larger companies tighten their cyber security. According to the industry experts, the cost of the average cyberattack on a small business is increasing exponentially and shows no signs of slowing down. Nearly 60 percent of the small businesses victimized by a cyberattack close permanently within six months of the attack. Many of these businesses put off making necessary improvements to their cyber security protocols until it is too late because they fear the costs would be prohibitive.


Simple Steps to Stay Secure

With cyberattacks posing such a prominent threat to your business, it is essential to create a plan to deal with this problem. Implementing and adhering to basic preventive and safety procedures will help protect your company from cyber threats.


Following are suggestions from a Federal Communications Commission (FCC) roundtable and the DHS’s Stop.Think.Connect. program for easily implemented security procedures to help ward off cyber criminals. These suggestions include guidelines for the company as well as possible rules and procedures that can be shared with employees.


Security Tips for Your Company

Cyber security should be a company-wide effort. Consider implementing the following suggestions at your organization:


  • Install, use and regularly update anti-virus and anti-spyware software on all computers.
  • Download and install software updates for your operating systems and applications as they become available.
  • Change the manufacturer’s default passwords on all software.
  • Use a firewall for your internet connection.
  • Regularly make backup copies of important business data.
  • Control who can physically access your computers and other network components.
  • Secure any Wi-Fi networks.
  • Require individual user accounts for each employee.
  • Limit employee access to data and information, and limit authority for software installation.
  • Monitor, log and analyze all attempted and successful attacks on systems and networks.
  • Establish a mobile device policy and keep them updated with the most current software and anti-virus programs.


Security Tips for Employees

  • Use strong passwords, change them periodically and never share them with anyone. Never repeat a password across accounts.
  • Protect private information by not disclosing it unless necessary, and always verify the source if asked to input sensitive data for a website or email.
  • Don’t open suspicious links and emails; an indication that the site is safe is if the URL begins with https://.
  • Scan all external devices, such as USB flash drives, for viruses and malicious software (malware) before using the device.


Securing Your Company’s Mobile Devices

Gone are the days when contact names and phone numbers were the most sensitive pieces of information on an employee’s phone. Now a smartphone or tablet can be used to gain access to anything from emails to stored passwords to proprietary company data. Depending on how your organization uses such devices, unauthorized access to the information on a smartphone or tablet could be just as damaging as a data breach involving a more traditional computer system.


The need for proper mobile device security is no different from the need for a well-protected computer network. Untrusted app stores will continue to be a major source of mobile malware which drives traffic to these stores. This type of “malvertising” continues to grow quickly on mobile platforms.


Most importantly, stay informed about cyber security and continue to discuss internet safety with employees.


Don’t Let it Happen to Your Company

According to the DHS, 96 percent of cyber security breaches could have been avoided with simple or intermediate controls. Strengthening passwords, installing anti-virus software and not opening suspicious emails and links are the first steps toward cyber security. In addition to the listed tips, the FCC provides a tool for small businesses that can create and save a custom cyber security plan for your company, choosing from a menu of expert advice to address your specific business needs and concerns.


A data breach could cripple your small business, costing you thousands or millions of dollars in lost revenue, sales, damages and reputation. Contact SimcoHR today. We have the tools necessary to ensure you have the proper coverage to protect your company against losses from cyberattacks.

Sign up for our newsletter.

5 Questions to Ask About Your 401(k) Administration Process

May 15, 2026
For many employers, managing a 401(k) plan has become more time-consuming than expected. What should feel like a straightforward administrative process often turns into ongoing coordination between payroll systems, retirement providers, HR teams, and compliance partners. The challenge usually is not the retirement plan itself. More often, the friction comes from the systems and processes supporting it. Manual uploads, delayed updates, repeated reconciliation work, and disconnected data flows can quietly create extra administrative burden over time. Because these issues develop gradually, many organizations begin treating them as “just part of the process.” But they do not have to be. As retirement administration continues to evolve, employers are taking a closer look at the operational side of their plans and asking whether their current processes are truly efficient, scalable, and aligned. Here are five questions worth asking about your organization’s 401(k) administration process. 1. Are We Still Manually Uploading Payroll Files? One of the most common inefficiencies in retirement administration is still surprisingly widespread: manually extracting payroll data and uploading files from one system to another every pay period. While this process may seem manageable, it creates unnecessary administrative work and introduces opportunities for error. Payroll teams often spend time formatting files, validating contribution data, and confirming whether updates were successfully processed. Over time, those extra steps add up. Modern payroll integrations can automate much of this process by securely transferring contribution, eligibility, and employee census data directly between systems. That reduces repetitive manual work while helping ensure retirement information stays current and accurate. If your team still relies heavily on manual uploads each pay cycle, it may be worth evaluating whether your current process is creating more administrative lift than necessary. 2. How Many Systems Need to Be Checked to Confirm an Update Went Through? This is where many employers begin to feel the operational strain of disconnected systems. An employee updates their deferral amount. A payroll change is processed. A loan repayment adjustment is made. Then someone has to verify whether the update actually flowed correctly between platforms. In environments where systems are not fully connected, HR and payroll teams often become the “checkpoint” between vendors, manually confirming updates and troubleshooting discrepancies after the fact. This is also where the difference between one-way and two-way integrations becomes important. A one-way, or 180° integration, typically sends payroll information outward to the retirement provider but does not automatically sync updates back into the payroll or HCM system . A two-way, or 360° integration, allows updates to move between systems automatically, helping reduce duplicate work and missed changes. The less time teams spend double-checking systems, the more time they can spend supporting employees and broader business priorities. 3. Could We Easily Pull Accurate Data for Compliance Testing and Reporting? Retirement plans operate within a highly regulated environment, and compliance depends heavily on accurate, timely data. Annual testing and reporting often require employers to provide detailed information including compensation data, contribution amounts, hire dates, demographic information, eligibility records, and more. For organizations using disconnected systems, collecting that information can become a time-intensive process. Missing fields, outdated data, or formatting inconsistencies often lead to repeated file requests and last-minute corrections during annual testing periods. This creates stress not only for HR and payroll teams, but also for plan administrators, TPAs, and recordkeepers responsible for maintaining compliance standards. Integrated payroll and retirement systems help streamline this process by automatically capturing and syncing data throughout the year, improving visibility and reducing the need for manual data gathering when reporting deadlines approach. 4. How Much Time Is HR Spending Fixing Preventable Errors? Many retirement administration issues do not start as major problems. More often, they begin as small discrepancies that require manual follow-up, whether it is a contribution that does not align with payroll data, an incorrect eligibility date, a delayed deferral update, or an incomplete census file. On their own, these issues may seem relatively minor. Over time, however, they create a significant amount of reactive work for HR and payroll teams that are left validating information, correcting inconsistencies, and coordinating between systems and providers. What makes this especially frustrating is that many of these issues are preventable. They are often the result of disconnected systems, delayed synchronization, or processes that rely too heavily on manual intervention. When teams spend large portions of their time validating data, reconciling discrepancies, and coordinating between providers, it becomes harder to focus on strategic priorities like employee engagement, workforce planning, and benefits strategy. Reducing friction behind the scenes can have a meaningful impact on both operational efficiency and the employee experience. 5. Is Our Current Process Built to Scale as We Grow? Processes that work for a smaller workforce can quickly become difficult to manage as an organization grows. More employees mean more payroll activity, more contribution data, more eligibility tracking, and more opportunities for inconsistencies across systems. Without connected infrastructure, administrative complexity tends to grow alongside headcount. That is why many employers are reevaluating whether their current retirement administration processes are sustainable long term. The goal is not simply to “manage” the workload, but to create systems that scale efficiently without increasing manual effort at the same pace. Connected payroll, HR, and retirement systems can help organizations reduce administrative burden, improve accuracy, and create a more streamlined experience for both employers and employees. A More Connected Approach to Retirement Administration A well-run 401(k) plan should not require constant oversight to function smoothly. When payroll, HR, and retirement administration systems work together, organizations gain better visibility into data, fewer manual touchpoints, improved reporting efficiency, and greater confidence in their processes overall. At Simco , we help employers simplify workforce management by aligning payroll, HR, benefits, and retirement administration through more connected systems and support models. For organizations evaluating their current retirement administration process, sometimes the most valuable first step is simply asking the right questions. Looking Ahead Retirement administration will likely continue becoming more data-driven, integrated, and compliance-focused in the years ahead. Employers that take time now to evaluate how information flows between payroll, HR, and retirement systems will be better positioned to reduce operational friction, support employees more effectively, and scale with greater confidence over time.

Finger Lakes Homeowners: Is Your Insurance Ready for Spring and Summer Storms?

April 27, 2026
Living in the Finger Lakes, especially throughout Canandaigua and Ontario County, offers a quality of life that is hard to match. The lakes, the landscape, and the changing seasons are part of what makes this area special. Those same characteristics, however, also create very specific risks to your home and property. Many of these risks are not fully understood until a loss occurs. This overview is meant to help bring clarity before that happens. Heavy Rain and Flooding: A Common Misunderstanding Spring in our region often brings a combination of heavy rainfall and saturated ground, sometimes alongside lingering snowmelt. When the ground can no longer absorb water, it finds its way into basements and lower levels. What many homeowners do not realize: • Standard homeowners insurance does not cover flood damage • Sewer or drain backup coverage is not automatically included • Even minor water intrusion can result in significant repair costs Flooding remains one of the most common and misunderstood gaps in coverage. Summer Storms and Wind Damage Severe weather events have become more frequent and more intense in recent years. Across the Finger Lakes, we regularly see: • Trees falling onto homes or structures • Roof and siding damage from high winds • Power surges impacting appliances and electronics While many of these losses are typically covered, there are important considerations: • Tree removal coverage is often limited • Poorly maintained trees can create complications in claims • Deductibles may be higher than expected, especially for wind-related losses Tornado Activity in Upstate New York Tornadoes are not something most people associate with our region, but they do happen in upstate New York. They are often smaller in scale, but still strong enough to damage roofs, garages, sheds, outbuildings, and surrounding property. In many cases, tornado-related damage is covered under a standard homeowners policy. The bigger concern is whether homeowners have reviewed their limits, deductibles, and property details before a loss occurs. Hail Damage: Often Overlooked Hail damage does not always present itself immediately. Over time, it can: • Compromise roofing materials • Reduce the lifespan of your roof • Lead to leaks or structural issues later on An important detail many homeowners are unaware of: some policies now settle roof claims based on actual cash value rather than full replacement cost, which can significantly reduce claim payouts. Lakefront and Hillside Exposures The natural features that define the Finger Lakes also introduce unique risks: • Shoreline erosion • Slope instability • Ground shifting following heavy rain It is important to understand: • Land itself is not insurable • Earth movement, including landslides, is typically excluded These are among the most significant uncovered exposures in our area. Lightning and Power Surges A single storm can damage electronics, appliances, and home office equipment. While coverage may apply, it is often subject to policy limits, deductibles, and specific conditions. If you work from home or rely on expensive electronics, it is worth reviewing how your policy handles power surge damage before you need to file a claim. What Homeowners Often Learn Too Late After working through claims with families across the region, a consistent pattern emerges: “I thought that was covered.” “No one explained that to me.” “I wish I had reviewed this sooner.” Insurance is not just about having a policy in place. It is about understanding how that policy responds in real-world situations. A Local Approach to Reviewing Your Coverage As part of the Finger Lakes community, we believe homeowners should have a clear understanding of their coverage before they need to rely on it. We offer straightforward, no-pressure coverage reviews that include: • A clear explanation of your current policy • Identification of potential gaps based on local risks • Honest answers to your questions • Guidance on whether any adjustments make sense for your situation Looking Ahead Seasonal weather in the Finger Lakes is predictable in one sense: it will come. The better question is whether your coverage reflects the realities of where you live. Taking the time to review now can help ensure you are prepared when it matters most.

Financial Literacy Month: Why Employers Play a Bigger Role Than They Think

April 9, 2026
April is Financial Literacy Month, and most of the conversation tends to focus on individuals. Budgeting, saving, managing debt, planning for retirement. All important topics, but often framed as personal responsibilities. What gets overlooked is how much of an employee’s financial life is shaped at work. From how pay is structured, to how benefits are communicated, to whether retirement options are understood or even used, employers have a direct influence on how confident and informed employees feel about their finances. It is not always intentional, but it is significant. Where Financial Literacy Shows Up at Work For many employees, the workplace is the primary place where financial decisions are made or reinforced. Think about what flows through an employer: Paychecks and how they are calculated Tax withholdings and deductions Health insurance contributions Retirement plan participation and employer match Bonuses, commissions, and variable compensation These are not small details. They are the building blocks of how employees understand their income, manage expenses, and plan for the future. When those elements are clear and easy to navigate, employees tend to feel more in control. When they are confusing or inconsistent, it can lead to frustration, disengagement, or avoidable financial stress. The Reality: Many Employees Are Still Guessing Even in well-run organizations, it is common for employees to have gaps in understanding. Questions like: “Why did my paycheck change this period?” “What exactly is being deducted from my pay?” “Am I contributing enough to my 401(k)?” “How does my health plan actually impact my out-of-pocket costs?” These are not uncommon, and they are not always asked out loud. When employees are unsure, they often make assumptions or avoid decisions altogether. That might mean underutilizing benefits, delaying retirement contributions, or feeling less confident about their financial situation overall. Why This Matters More Than It Seems Financial literacy is not just a personal issue. It has a direct impact on the workplace, and employees who feel financially uncertain are more likely to: Experience stress that carries into the workday Be distracted or less engaged Delay important decisions like retirement planning Ask more reactive questions that take time to address On the other hand, when employees understand how their pay and benefits work, there is a noticeable shift. Communication becomes easier. Trust increases. Fewer issues escalate into larger problems. It is not about expecting employees to become financial experts. It is about creating an environment where information is clear and decisions feel manageable. Where Employers Have the Most Influence Employers do not need to overhaul their entire approach to make an impact. In many cases, financial clarity improves when existing processes are just a little more intentional. A few areas tend to have the biggest influence: Payroll Transparency Pay statements should be easy to read and consistent. Employees should be able to quickly understand their gross pay, deductions, and net pay without needing to ask for clarification every time something changes. Even small improvements in how payroll information is presented can reduce confusion. Benefits Communication Open Enrollment is not the only time benefits need explanation. Employees often need reminders and context throughout the year. Clear explanations around what plans cover, how contributions work, and how to use benefits in real scenarios can make a meaningful difference. Retirement Plan Engagement Offering a retirement plan is one thing. Helping employees understand how to use it is another. Employers who provide basic education around contribution levels, employer match, and long-term impact tend to see stronger participation and better outcomes. Consistency Across Systems When payroll, benefits, and HR systems do not align, employees feel it. Conflicting information or multiple places to find answers creates friction. Even if the underlying services are strong, the experience can feel disjointed if everything is not connected. Financial Literacy as a Workplace Advantage Financial Literacy Month is a good reminder that supporting employees in this area is not just a benefit. It is part of how a business operates. Employers who prioritize clarity tend to see:  Fewer payroll and benefits questions More confident employees Better utilization of offered benefits Stronger overall engagement It does not require a complete redesign. Often, it is the result of tightening communication, simplifying access to information, and making sure systems are working together. At Simco, this is something we see regularly. When payroll, HR, benefits, and retirement services are aligned, it becomes much easier for employers to provide a clear and consistent experience without adding more administrative burden. A Few Practical Steps to Start With If Financial Literacy Month is a prompt to take action, it does not need to be complicated. A few focused steps can go a long way: Review a sample of employee pay statements and ask if they are easy to understand at a glance Look at how benefits information is shared outside of Open Enrollment and where there may be gaps Check that retirement plan details, including employer match, are clearly communicated and easy to access Identify whether employees have one clear place to go for payroll, benefits, and HR information Ask managers or HR team members what questions they are hearing most often from employees These are simple starting points, but they often reveal where clarity can be improved. Looking Ahead Financial literacy does not need to be a separate initiative. It is already built into the way employers manage pay, benefits, and communication. April is a good reminder to take a closer look at how those pieces are working together. When employees understand their finances at work, they are more confident, more engaged, and better positioned to make informed decisions. That benefits both the individual and the organization over time.

Have a question? Get in touch.