by Felicien | Dec 5, 2017 | Education
MacOS vulnerability gives any user full admin rights without a password
We all want to believe that the technology platforms we use are invincible. But, the reality is, software flaws exist. And some of these flaws don’t even require sophisticated hacking to exploit – they’re just sitting ducks, waiting to be found. Unfortunately, that’s the current challenge for Apple.
Apple is usually in the news for their latest innovations and new products, but recently an easily exploitable vulnerability in Mac’s High Sierra Operating System (OS) has made headline news. The security flaw enables a root superuser account without a password, giving attackers full access to all parts of a Mac machine.
The Background: How the MacOS Security Flaw was Detected and How it Works
High Sierra’s “root” bug was first revealed by Turkish software developer Lemi Orhan Ergin, who says security staff at his company happened to stumble upon the issue while trying to restore account access for a user. The issue was then made public by Ergin, who demonstrated the flaw in a Tweet to Apple’s tech support account.
The flaw is made possible any time a user encounters a prompt in High Sierra asking for a username and password. This includes logging into a machine with multiple users, installing an application, or changing settings. Users are then able to simply type “root” as a username, leave the password field blank, click “unlock” twice, and immediately gain full administrator access.
In other words, the bug allows any rogue user that gets their hands on a Mac computer to gain the deepest level of access to a computer, known as root privileges. Malware designed to exploit the flaw could also fully install itself deep within the computer, with no password required.
Even worse, is that the flaw can be exploited even when it’s not possible to enter a username at the main MacOS login screen. Users can still take advantage of the flaw via the system preference settings. For example, an attacker could enter the root as the username in the Users and Groups preferences setting, leaving the password field blank, and clicking on the unlock button.
After that, it’s possible for an attacker to wreak havoc on a business network. They can add new accounts with full administrative rights and could also turn off MacOS security features such as FileVault disk encryption, install malware, not to mention the ability to steal, copy or delete data.
Dangerous Access: Why the MacOS Flaw is Especially Scary
News of the security vulnerability spread like wildfire across Twitter and other social media platforms, with many security researchers confirming that they were able to replicate the flaw exploit. Security researchers Patrick Wardle and Amit Serper posted that they had been able to gain unauthorised access by exploiting the root flaw. WIRED also independently confirmed the bug.
What’s terrifying is the fact that the attack could be used on a logged-out account. This raises the possibility that someone with physical access could exploit it just as easily as malware, meaning the threat is both internal and external. Users could, for instance, use the attack to gain root access to a logged-out machine, set a root password, and then regain access to a machine at any time. This means if someone did this to any company machine sitting on a desk, they could come back later and do whatever they wanted.
Wardle explained the external threat as well. He noted the flaw can also be exploited remotely if the target MacOS system has resource sharing services enabled.
“Attempting to log in creates the root account with a blank password,” said Wardle, a security researcher with Synack. “If the root account is disabled, logging in remotely re-enables it.”
This creates a huge threat to MacOS systems and leaves devices vulnerable to potential threats within and outside business organizations.
How to Patch the Flaw: Setting a Root Password to Prevent Unauthorised Access
Unfortunately, despite suggestions that the flaw can be mitigated by disabling the computer’s guest account, this doesn’t work. It simply restarts the computer with Safari as the only application running.
It is possible to mitigate against the flaw, however, by adding a password for the root user. Here are the directions for adding a root password:
Access the Users and Groups preferences pane.
Select the Login Options
Select the Join Network Account Server
In the dialog box that pops up, click on Open Directory Utility.
From the tool’s menu bar, select
Here, you’ll be able to assign and change the password for root privileges.
IMPORTANT NOTE: Simply disabling the root account in the Open Directory utility tool does not work, as the root account becomes re-enabled when entered into the username field upon login
However, the safest fix is to install Apple’s newly released update. About 18 hours after the vulnerability was made public, Apple released a patch for the ‘root privileges’ flaw. If you haven’t yet applied the latest update, you should do so asap. Apple blamed the flaw on a logic error in the validation of account credentials. They improved credential validation strategy with the patch and accepted responsibility for leaving users vulnerable to threat.
“Security is a top priority for every Apple product, and regrettably we stumbled with this release of MacOS,” the company said in a statement. “We greatly regret this error and we apologize to all Mac users, both for releasing the OS with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.”
Frightening Patterns: MacOS Security Flaws Becoming More Common
“We always see malware trying to escalate privileges and get root access,” says Wardle. “This flaw is the best, easiest way ever to get root, and Apple has handed it to them on a silver platter.”
And unfortunately, the root access bug isn’t an isolated event. The flaw is only the latest in a disturbing series, that has plagued the High Sierra OS. On the day the operating system launched, Wardle determined malicious code running through the software that left data up for grabs. Another reported bug apparently showed the user’s password as a password hint when trying to unlock an encrypted partition on their machine known as an APFS container.
Wardle argues that flaws could be identified and stopped quicker if Apple launched a “bug bounty” for information about security vulnerabilities in its desktop software. Bug bounties are becoming an increasingly popular way for tech companies to proactively mitigate threats and identify system vulnerabilities. Apple already has a bug bounty for iOS, but still nothing for MacOS.
“A bug bounty program is a no-brainer. Maybe this is something that will encourage them to go down that path,” claims Wardle “It’s crazy these kinds of bugs keep blowing up. I don’t know if I should laugh or cry.”
Despite the efficiently released patch from Apple, this latest security flaw should leave Mac users on high alert. Staying in tune with the latest Mac product line is great, but it’s even more important to stay in tune with Mac security updates and potential software flaws. You can only protect your business data if you know the latest threats to combat.
If you have questions about the MacOS security flaw or need a hand making sure you have it patched, reach out to our team of technology experts. Trying to mediate a wide variety of cyber threats can be time-consuming and stressful – sometimes checking in a team of professionals makes all the difference.
by Felicien | Dec 4, 2017 | Education
Understanding the Key Differences Between Microsoft’s OneDrive and SharePoint Applications
Microsoft’s collection of software is continually evolving. As it continues to grow, many users are noticing quite a bit of overlap between application capabilities. For business owners, this can be a challenge – especially when trying to decide which apps are worth investing in.
Two Microsoft apps that are especially hard to differentiate are OneDrive and SharePoint. The simple fact is that both apps have a lot in common and are stocked with very similar features. However, they aren’t identical and understanding the key differences can help business owners make more informed decisions when choosing an application to invest in and deploy.
Breaking Down the Basics: How Microsoft Defines OneDrive and SharePoint
In order to get a lay of the land, it’s helpful to try and understand the purpose of each application. While they do have some overlap, the applications were created separately and Microsoft defines the purpose and features of each application differently.
OneDrive: Microsoft defines OneDrive as an online document/file storage hub. It’s most commonly used by both individuals and business teams looking for a centralized headquarters to access, save and store files. OneDrive is also configured to allow file-sharing and versioning, which allows it to serve as more than a digital filing cabinet. Additionally, Microsoft has two versions of the OneDrive app – one for individual consumers and one specifically designed for business optimization, adequately named OneDrive for Business. OneDrive is also built into the Office 365 online platform.
SharePoint: Microsoft defines SharePoint as a collaboration tool for businesses that helps team members work better together. SharePoint allows business teams to open, share and access files and allows team members to work on the same document, together, in real-time. SharePoint also allows for process streamlining and has data and app management tools. Microsoft has an on-premise version of SharePoint as well as a version that’s built into Office 365 for the Cloud.
Confused Yet? Let’s Explore the Key Categories of Difference
Simply reading the definitions isn’t enough to fully wrap our brains around the differences between OneDrive and SharePoint and the benefits of each for business owners. By looking at the key areas where OneDrive and SharePoint are different, business owners will have an easier time making decisions about software investments.
On-Premise vs. Cloud
Here’s the thing: Microsoft’s Office 365 comes with both OneDrive and SharePoint built in. This leaves many wondering – what’s the point in investing in standalone solutions like SharePoint Server if you can just invest in Office 365 and get the same features plus way more? But we shouldn’t jump to that conclusion quite so fast. Some IT administrators prefer on-premise solutions because the locally installed software allows for more control and security. On-premise SharePoint deployments on company servers allow administrators to control the look and feel of the platform.
However, there are downfalls to on-premise deployments as well. Implementing SharePoint on company servers means administrators are in charge of purchasing and managing updates, monitoring systems, and responding to security breaches. It should also be noted that businesses who choose to deploy SharePoint as a stand-alone, on-premise solution are able to purchase OneDrive separately, although all its features are already built-into SharePoint.
Security, Encryption & Compliance
For many business owners, document safety, auditing, and regulatory compliance are huge concerns. For these business owners, SharePoint’s collection of granular controls and user access capabilities are a huge benefit when trying control internal security and client data. While Office 365 and OneDrive both use encryption to keep documents safe from prying eyes, SharePoint is the only solution that offers an additional layer of security provided by a standalone server. However, OneDrive in Office 365 does offer granular access control as well, so administrators can designate access and assign user permissions. Microsoft’s cloud security is top of the line and supports TLS and SHA-2 protocols. In the Cloud, Microsoft encrypts all business data upon transfer to and from server locations and stores it, with encryption, on the Microsoft server as well.
Document and Resource Management
OneDrive for Business has all of the original document offerings as SharePoint. This includes workflows, auditing, templates and version control. However, OneDrive does not include business marketing tools like a website and social media connections – features that are built into the SharePoint infrastructure. With OneDrive, a business owns the account and employees are assigned personal accounts within the larger business account. This allows individual team members to produce and store documents before they are shared office-wide.
SharePoint offers a huge collection of tools for company-wide document and file management and collaboration. SharePoint Online and SharePoint Server offer collaborative workflows and advanced granular permissions to help businesses effectively and efficiently move content from idea to completion. Furthermore, as noted, business marketing is made easy in SharePoint Server with a variety of features to ensure intranet corresponds with branding. These branding tools are not featured in the online version.
Website, Apps & CMS
SharePoint is used by countless companies to develop, manage, and maintain their company website, internal documentation system, and company web applications. The CMS element in SharePoint allows businesses to publish documents directly to the company website or even make them centrally available for review and download by clients, associates and team members.
Companies also rely on SharePoint’s business intelligence and internal analytics features to develop custom applications for both internal and external use. Companies can build customer-facing websites, FAQ & Help applications or employee portals directly from the SharePoint infrastructure.
OneDrive simply doesn’t offer these various web optimization features. While OneDrive offers the ability to email links to documents, the documents cannot be published directly to the web from OneDrive’s infrastructure. So, while documents can be made available to your team with OneDrive, a full Office 365 subscription or another CMS/website platform – like SharePoint – is required to publish work straight to the web.
Workflows, Dashboards, Calendars, and Extras
One Drive offers companies the ability to control team access to documents for storage and sharing and it tracks versions. However, when it comes down to it, OneDrive is essentially a digital-file storage and optimization system and does not include the dynamic extra features available in SharePoint Server or through a full out Office 365 subscription.
SharePoint offers business teams a dynamically collaborative workspace that includes dashboards, calendars, tasks, notifications, and updates. SharePoint keeps these features located centrally, in a company portal that is linked directly to company websites and external applications. Additionally, SharePoint sites can be created and customized for each team member with different levels of security, so access and information are well-organized and easy to manage. Finally, companies can set up a larger corporate portal where company-wide file libraries can be searched and business notifications can be delivered in real-time.
The Short Answer is, There is No Right Answer
So, when it comes down to it, it becomes clear that OneDrive for Business and SharePoint are not exactly the same, yet not entirely different. The real differences are determined by the way a company decides to deploy and use SharePoint. For organizations looking for a company portal that offers project management, human resources tools, and web optimization, SharePoint is the clear winner.
OneDrive is more suited for companies looking to implement a basic solution for storage and occasional file-sharing capabilities. Since OneDrive is fully integrated with the Cloud through Office 365, business teams have the ability to sync files to any given device, which make anytime, anywhere access incredibly easy.
Overall, the best software solution for any business is one that supports business goals and inspires team members to be productive. For companies who have acclimated to the Cloud, an Office 365 subscription will give you the best of both worlds – not to mention Microsoft will handle your updates. However, for companies who are comfortable offline, using on-premise solutions, SharePoint offers branding tools and user interface control that Office 365 doesn’t.
Is your company trying to weigh the similarities and differences between SharePoint and OneDrive? Use this outline as a guide and be sure to make a strategic decision based on the unique needs and demands of your corporate structure.
If you’re still having a hard time deciding between the two solutions, reach out to a local technology firm for guidance and consultation. When making investment decisions about business IT, it’s never a bad idea to bounce ideas off the pros.
by Felicien | Dec 4, 2017 | Education
Outlooks Shareable Calendar and How It Fits into Aspects of Everyday Life
A shared calendar is one step in the direction of having all involved on the same page. It is little more frustrating than trying to work on a project or develop ideas when everyone is not equally informed. With Outlooks shared calendar these issues are a thing of the past, and keeping everyone informed and up to date has never been easier. The shared calendar option is one that is relatively new and boasts a number of positive impacts on everyday life.
Easily Share Important Information
Outlook has designed their sharable calendar to be incredibly user-friendly. Through Office 365 users are able to find and share their calendar events with ease. By first opening Microsoft Office 365 and then continuing to “view all apps” users will find their calendar. Here the option to add or edit events is available. Also available is the share option. After selecting the share option, you will be prompted as to who you would like to send this email to. You can also choose what details of the event they will be able to see. This might mean they can view all the details, only the titles, and dates, or other adjustable options which the sender chooses.
This is extremely easy for the recipient as well. They must only accept the invitation to view the details of the event. This way both the sender and recipient are easily able to share calendar events including the desired details through the simplicity of a few clicks of the mouse.
Keep Everyone on the Same Page
It is important that those involved in an event or job are aware of what is going on. This might mean that the calendar is used to keep track of due dates, important events or timelines for developing ideas or projects. By sharing calendar events with those who need to be aware of these events you can ensure that everyone is kept up to date on what is going on.
The calendar might be used to plan events that would otherwise take too much time to share by word of mouth. It is much easier to communicate with large groups of people through email rather than taking time out of their day to discuss something they might not remember. By inviting people to events or sharing other aspects of the calendar the reminder of the information is there waiting in the email for the recipient to look over as many times as they like. Furthermore, it is useful in keeping those that you may not see on a daily basis informed, even the sender and recipient are separated by many miles.
Useful for Business or Personal Life
Outlooks sharable calendar is useful in multiple aspects of life. Not only can you plan a meeting for your business, but you could also invite your family to a holiday celebration at your house. The only limiting factors are who you have on your email list. Using the sharable calendar in various aspects of life means that this tool is something that could make everyday life that much easier.
This functional app lets users control aspects of both personal and business life in the same area, meaning that there is no need for separate software. The ease of using the same process to keep track of multiple kinds of events means that there is more time to ensure these events are carried out as desired, whether that be for work or play.
Outlooks sharable calendar is something that could be worked into the lives of most. Anyone who has a need to keep track of dates, times or events in their lives would find the use for this calendar. This is proven to be true especially when considering the distance between those who are trying to communicate and time management. The simplicity of Outlooks calendar and the accessibility is provided to both the send as well as the recipient make this an app that everyone should be taking advantage of.
by Felicien | Dec 1, 2017 | Education
Google Hangouts is a convenient and user-friendly way to have a video call with clients, coworkers, or friends. These meetings can be easily recorded for playback later or to upload to YouTube. Of course, this video meeting software is designed to work with G Suite, Google’s suite of products that includes Gmail, Google Drive, Google Docs, Google Sheets, and Google Calendar for business.
While you may be running G Suite for all your business needs, or maybe you just enjoy their Hangouts app, not everyone you need to chat or meet with will be a Google user. Google realized this and has made it possible for users of the other guys (Microsoft, Yahoo, etc.) to join your Hangouts. The process is pretty simple, really.
Google give external users the ability to join a Hangouts call if the call is added to the Google calendar or someone already on the call invites them during the call. To make this process even simpler, all you have to do is supply the person you are wanting to have in the call, with the link. This way, as long as they have the link they can request access to your Hangouts call.
Having external users available for the calls in Hangouts has several advantages, including:
External users can always request access to video calls using the meeting link. There’s no need for them to be invited, and there’s no need to have to share manually enabled.
It provides the best experience when using non-Google software to join Hangouts calls. Allowing guest to request access by default provides the best experience.
Simplifies access to video calls when G Suite accounts are not provided to all users.
Ensures all users in your company are allowed to request to join when being migrated.
Allowing external guests to join by default is an easy menu option that can be turned on before the Hangouts call gets underway. All you need is the link, then visit the menu:
Sign-in to the Google Admin console
Find apps, then click on G Suite, then Talk/Hangouts
Click Global Settings
Under Hangouts video calls, click All Classic Hangouts video calls begin with external guests allowed to request access…
The user only needs to click the link or put it into a browser, where they will be prompted to input their name when they click the link to request access. Google account not required.
IMPORTANT: Someone in your company must approve the external guest that is requesting access who is trying to get in through the link.
Inviting users without a G Suites account opens up a world of collaboration, but it also comes with a few restrictions. For example, external users are restricted to presenting and participating in the call, but cannot use text chat or other Hangout apps. External guests are able to join your Hangouts meeting from a PC, Mac, tablet, smartphone, or Chromebox.
by Felicien | Dec 1, 2017 | Education
The Leading Ways Cybercriminals Target Consumers and Businesses During the Holidays
As the holiday season is now upon us, everyone is starting to get in the spirit. Decorations are going up, shopping malls are getting busy and gifts are being wrapped. However, unfortunately, the holidays have a tendency to bring out the worst in some people – especially cybercriminals who prey on others for their own gain.
Every year, around this time, reports of hacks and scams skyrocket. Cybercrooks do whatever they can to take advantage of the chaotic holiday shopping environment in order to trick and rob unsuspecting victims. This is easy in a busy online environment, that is especially hectic during the holiday season.
Inboxes fill up quicker than usual with Christmas lists and last minute RSVPs to Christmas dinner. Not to mention the massive amount of order confirmations, online receipts and special holiday promos that come through from retailers. Because of this, our guard is down and we may not be as vigilant at identifying suspicious looking emails. For cybercriminals, this presents an amazing opportunity to deploy phishing scams and play the cyber-Grinch.
Breaking Down the Basics: How do Phishing Scams Work?
Phishing is a form of social engineering that attempts to steal sensitive information. An attacker’s goal is to compromise user systems to obtain usernames, passwords, and/or other account and financial data. Phishing attacks are most commonly deployed through malicious email communications.
The attacker sends legitimate-looking emails to people within an organization. The email usually pretends to be from someone trustworthy, like someone from within the institution, a bank, a shipping company, a credit card company, an airline, or some other site for which a user may have login credentials. The email includes a link to an “official” website that is actually a fake site operated by the attacker.
Once the user visits the fake site, they may be asked overtly to enter account information such as usernames, passwords, credit card details, social security or bank account numbers. The victim may also be exposed to malware by visiting the fake site. Taking advantage of a variety of vulnerabilities in the browser, the attacker may be able to install a Trojan Horse on the user’s computer.
If done correctly, the attack can capture sensitive information without the victim even knowing that they have been compromised. In some cases, malware can also be embedded in an email attachment, so when users open a bogus attachment, their system encounters the malware.
Holiday High Alert: The Leading Phishing Scams Cybercriminals Use During the Holidays
Unfortunately, phishing scams are far from the only cyber threat out there causing trouble for businesses and consumers alike during the holiday season. However, phishing does tend to be the most prevalent. To stay on high-alert, let’s outline the top six phishing scams that consumers and businesses are facing this holiday season:
Fake Receipts and Invoices
This is one of the most popular kinds of phishing scams because it has the ability to sneak malware past IT security measures. By hiding the malicious code in an email attachment, labeled as a receipt or invoice, the standard phishing traps don’t catch the scam. This is especially useful during the holidays when so much holiday shopping takes place online. Usually, a random invoice from Amazon or The Gap would register as suspicious, but with the holidays around the corner, many would open the attachment without thinking twice.
Fake Shipping Status Alerts
This scam deploys a very similar strategy as the fake receipt scam. Much like bogus receipts and invoices, phishing scam artists create phony shipping notifications or updates to send to busy holiday shoppers. However, this strategy is often more effective, because it doesn’t create a fake purchase, but instead provokes consumer worry by stating deliveries are delayed or canceled. This can understandably make consumers worry that holiday gifts they paid for will be late or won’t come at all. Therefore, phishing scammers take advantage of the fact that a phony UPS delay notice will more than likely get a click during the holiday season.
Fake Flyers and Deals
This scam targets the frugal saver in all of us. With the rush of the holiday season, email users likely see dozens of holiday promo deals arriving in their inbox every week. Links to printable coupons, discount codes and special offers cram the digital information highway. However, during the holiday season, it’s critical to skim through these messages with a keener eye than usual. While there may be some great deals to be scored, phishing scammers also send out emails with malicious links to phony deals and discounts during the holiday hustle and bustle. When users click these malicious links, they’ll soon find out they’re getting no deal and may have lost money or infected their device in the process.
Malicious Embedded Links
Embedded links are one of the most classic phishing scam styles there is. When clicked, malicious links embedded into email messages can download malware to a system or redirect victims to an infected website. We have a rule of thumb for combatting this. Whenever looking at an email with an embedded link, take the time to run your mouse over the hyperlink – no matter how legitimate it may look. While the hyperlink itself may look legitimate, the destination could be malware central. Users may think following the link will take them someplace familiar, but in reality, they’re being directed to malicious, hacker-controlled territory.
Unauthorized Transactions
It’s no secret that keeping tabs on your bank account is a good idea – especially in an increasingly digital marketplace. However, this is especially critical during the holiday season. Trying to keep track of countless holiday shopping purchases can be an uphill battle, but keeping a close eye on changes to your account balance could help you identify fraudulent purchases that aren’t yours. Having payment card data stolen from the internet is easier than ever – all it takes is one website with weak security protocols. Once your payment card details are in the hands of hackers, you’ll be footing the bill for someone else’s shopping list.
Fake Customer Surveys
Finally, fake customer incentive surveys are becoming an increasingly popular method for phishing hackers. Many company’s use online surveys offering cash or gift cards as a reward for completing them. However, scam artists have started using phony ones to phish for personal information from unsuspecting victims. Users can respond by staying vigilant and paying attention to the nature of the survey. The difference between a legitimate offer and a phishing attempt is all in the survey questions. If a survey asks for personal or financial information, it’s extremely likely that the survey is a cybercriminal’s way of stealing your data.
Lessons for Business Owners: Strategies for Holiday Cyber Protection
While most of these phishing scams are targeted at individual consumers, it’s not unlikely for these scams to show up in employee inboxes. If an employee happens to fall victim to one of these attacks on the company network, an infection can be triggered which can be disastrous for businesses. Once the infection is triggered, hackers can navigate the business network to steal personal and sensitive company data.
So, how are is your business supposed to combat this threat? The key is to have open and transparent conversations with your employees. Make sure they’re aware of the risks and work together to develop concrete strategies for protection. If and when employees identify suspicious emails, make sure they know the process – should they report it? Who should they report it too? Should it be deleted immediately or should they have an IT employee review it first? Making sure your team knows what to look for and how to respond is half the battle.
Furthermore, talk to your IT department or provider to ensure that you have reliable and strategic network security measures in place and that your firewall, antivirus, and antimalware programs are all up-to-date with the latest patches. Making sure your security strategy is operating correctly will help you avoid the holiday humbug scam-artists.
Wondering if your IT security strategy is up to snuff? Thinking about training your employees with concrete strategies for vigilance? Reach out to a local IT firm for guidance and consultation. The holiday season is busy and cybercriminals never take vacation – sometimes checking in with professionals makes all the difference.
by Felicien | Dec 1, 2017 | Education
Take Advantage of the IRS 179 Deduction Before the End of 2017!
The IRS 179 Deduction was enacted to help small businesses like yours by allowing you to take a depreciation deduction for certain assets in one year, rather than depreciating them over a longer period of time.
It allows you to take an outright deduction equal to the full purchase price of a qualifying piece of equipment. This means you can lessen your taxable income, and ultimately your tax burden.
Reduce your tax liability by acquiring new technology before the end of 2017. Section 179 is only available to U.S. companies until the end of the 2017 calendar year.
The Section 179 Deduction
Taking a deduction on an asset in its first year is called a “Section 179 Deduction.” You reap a huge benefit by taking the full deduction for the cost of an asset immediately, rather than spreading it out over its useful life.
Who Gets the Depreciation?
The owner of the equipment—As the owner, you get the benefits of depreciation. For example, if you buy technology or other equipment for your business, under Section 179 you can deduct the full cost in the first year. This makes sense because we all know that technology has a short or useful life.
Depreciation is a means for you to recover the cost of a purchased asset over time through periodic deductions or offsets in income. It’s considered a tax benefit because depreciation deductions cause a reduction in taxable income, thereby lowering a firm’s tax liability.
What Type of Equipment Qualifies for Depreciation?
Equipment that’s purchased under a Capital Lease, cash sale or a dollar buyout, and where you’re considered to be the owner of the equipment and maintain full control over the residual value, qualifies.
What Types of Business Property Does Section 179 Apply To?
The IRS has two general requirements:
The property (called”qualified property”) must be “tangible, depreciable, personal property which is acquired for use in the active conduct of a trade or business.” Land and buildings are not qualified property, but most other property, including office equipment, technology, and vehicles, qualifies.
The property must be purchased and put into service in the year in which you claim the deduction. Putting an asset into service means that you have it set up and working, and you’re using it in your business. Buying a piece of property and then letting it sit and gather dust doesn’t count.
To take advantage of the 179 Deduction, the technology equipment you purchase must be set up and running by the end of 2017.
What Types of IT Equipment Are Eligible For the 179 Deduction?
Routers and Firewalls (These should be replaced every 2-3 years for security purposes.)
Switches (Take advantage of the newer, faster switches that are available today.)
Wireless Access Points (More and more devices rely on wireless connections for roaming across your facility.)
Off-the-Shelf Software (software that’s not customized for your business)
Servers (These should be replaced every 5 years.)
Phone Systems (VoIP or traditional)
Backup & Disaster Recovery Appliances (Do you have a reliable system that will support your business if you suffer from a natural or manmade disaster?)
Workstations and Monitors (Consider adding a 2nd monitor for your key staff to increase productivity.)
Laptops and Ultrabooks (New technology is available with much longer battery life.)
Scanners (Today’s scanners are faster and allow you to scan multiple documents at once.)
Battery Backups (You need these when the power goes down.)
Storage SAN- Storage Area Networks, RAID-Redundant Array of Independent Disks, etc. (Digital picture files now require a lot more storage today.)
Deductions are all about limiting your tax burden by reducing your taxable income. Taxable income is defined as gross income, or adjusted gross income, minus any deductions or exemptions allowed in the tax year. An example of a deduction or exemption is depreciation.
Limitations on Deductions:
An aggregate cap on the Section 179 Deduction of $500,000.
A 50% Bonus Depreciation is generally taken after the $500,000 Section 179 Spending Cap is reached.
The deduction cannot reduce taxable income below $0.
What Doesn’t Qualify for Depreciation?
A Fair Market Value (FMV) Lease, (sometimes called a True Lease or an Operating Lease). It generally has lower monthly payments than a Capital Lease or a bank loan, and it’s most often used as a shorter-term lease, unlike a Capital Lease. FMV lease payments are 100% tax deductible as an operating expense but not a capital expense since the equipment is not seen as a purchase. Rental Agreements don’t qualify either because you’re not the owner of the equipment.
Modified Accelerated Cost Recovery System (MACRS)
Here’s how the traditional MACRS method works: For example, if you have a Gross Income of $100,000, and you buy out a $1 phone system valued at $100,000, the MACRS method of depreciation only allows you to depreciate 20% in the first year ($100,000 x 20% = $20,000 in depreciation).
$100,000 Gross Income
– $20,000 Depreciation
$80,000 Taxable Income (You’ll pay tax on this amount.)
The 179 Deduction Saves You Money.
Here’s how the Section 179 Deduction works: If you have a Gross Income of $100,000, and you buy out a $1 phone system valued at $100,000, the 179 Deduction method of depreciation allows you to depreciate the full amount ($100,000).
$100,000 Gross Income
-$100,000 Depreciation
$0 Taxable Income
This is a significant and impactful advantage that you should take advantage of if you want to buy equipment and lessen your tax burden.
What’s a Bonus Depreciation?
If you bought a total of $2,000,000 in qualifying fixed assets under Section 179, you can depreciate $500,000 of this amount in the first year.
The Bonus Depreciation allows you to depreciate the remaining $1,500,000 at 50% ($750,000).
Then, you can also take your 20% 1st-year MACRS on the $750,000 that didn’t get the Bonus Depreciation (another $150,000!).
Here’s the breakdown:
Total 2017 Equipment Purchases $2,000,000
1st year write off -$500,000
Bonus depreciation -$750,000
MACRs -$150,000
Total 1st Year Deduction $1,400,000
This is a huge saving you should definitely take advantage of.
Along with the holiday shopping rush, business owners and managers are rushing to purchase computers, software and other technology equipment before the Section 179 Deduction allowance expire December 31, 2017. If you’re considering a large technology purchase you should do so now to take advantage of this special 100% tax deduction.
Remember:
Section 179 is only available to U.S. companies until the end of the calendar year.
Taking advantage of Section 179 and/or Bonus Depreciation could be the most profitable decision you make in 2017.
Always consult your tax advisor to confirm how you can benefit from this or other tax breaks.
