Worcester Business Journal

wbjournal.com | January 13, 2025 | Worcester Business Journal 31 By Nina T. Dow Nina T. Dow is an attorney at Bowditch & Dewey in Worcester, handling the estate, financial, and tax planning practice areas. She helps clients minimize transfer taxes, including estate and tax planning that involves charitable giving, business succession planning, the representation of corporate and individual fiduciaries, and planning for individuals with special needs. 10) Try to keep the peace. Families often get along until money comes into the picture. Think about how to handle real estate. It can become a major focus of expensive litigation post-mortem. 9) Have a family meeting. Ask family members their opinions about dividing your assets. That could help guide deci- sions and identify sources of tension. 8) Defend your wishes. If you want to give children unequal shares, explain your decision – and be ready for arguments. 7) Be creative with real estate. Think ahead about how to keep properties in the family, like sharing costs or dividing time spent. Or decide if it's better to sell. 6) Think about the family business. If family members will inherit your business by default, think about whether it should be sold. Plan for what will happen to busi- ness partners who are not relatives. 5) Carefully choose your will's personal representative. Fiduciaries will play a key role to make sure your estate plan gets carried out as you want. 4) Protect assets from creditors. Make sure your inheritance won't be eaten away by family's creditors or personal issues, such as lawsuits, divorces, or addictions. 3) Avoid transfer taxes. Consider setting up a trust to minimize taxes or consider lifetime giving. Massachusetts imposes transfer taxes on estates valued at more than $2 million at the time of death; federal is $13.61 million. 2) Budget for transfer taxes. Consider what assets could pay for estate taxes. You might need to sell real estate to pay for them. 1) Avoid probate. To avoid probate litiga- tion, designate beneficiaries on retirement accounts for income tax benefits and life insurance policies. If your beneficiaries are minors or have special needs, set up a trust and name the trust as beneficiary instead. Get your payment card data security in check before the April deadline BY SLOANE M. PERRON Special to WBJ F ostering inclusivity is crucial to creating stronger teams, especially by addressing the needs of employ- ees with disabilities, whether they have invisible illnesses or physical constraints. Recognize the ripple effect of accom- modations. According to Harvard Pil- grim Health Care, one in four adults have some form of a disability. is number represents a large pool of employees who may need workplace accommodation. However, while accommodations may be implemented to help one employee, they oen have positive impacts for other employees. For example, building a ramp accommodates an employee in a wheel- chair, but the ramp could also benefit employees with temporary injuries, those Building an inclusive work community for disabled employees Janelle Drolet is vice president of operations and sales for Towerwall, a cybersecurity consulting firm based in Framingham. BY JANELLE DROLET Special to WBJ I f you're in charge of payment card data at your company, you've probably come across the term PCI DSS. No, it's not some secret code; it stands for Payment Card Industry Data Security Standard. Basically, it's a set of rules designed to keep your customers' card info safe from cyber crooks. Here to tackle today's cyber threats head-on is the latest version of this standard called PCI DSS 4.0. But here's the catch: there's a deadline looming. By April, companies must be in compliance with 4.0 mandates or risk fines of up to $100,000 a month, depending on volume of transactions. Keeping things simple and in plain English, below are the six essential things businesses need to implement before the deadline hits. 1. Web application firewall: Web applications can be a goldmine for hackers if not properly protected. at's the job of a web application firewall. It acts as a shield, inspecting all traffic to block any malicious intruder targeting your web apps. 2. Anti-phishing tools: Phishing is still the oldest trick in the cybercriminal playbook. reat actors oen send scams by email in hopes of snaring victims into giving up their login credentials, financial details, or personal info. To combat this, you need serious anti-phishing measures, which include domain-based message authentication (DMARC), sender policy framework (SPF), DomainKeys Identified Mail (DKIM) to prevent spoofing, the use of link scrubbers, and server-side anti-malware tools. PCI DSS recommends regular security awareness training to help employees identify and report phishing attacks. 3. Penetration testing: Requirement 11.4 of PCI DSS 4.0 specifies organizations must perform penetration testing at least annually and aer any significant change to the network. is includes testing from both inside and outside the business to identify vulnerabilities and ensure security of cardholder data. 4. Multi-factor authentication: Not all MFA is created equal. Make sure you have a system that can't be tricked by replay attacks, where hackers intercept and reuse authentication messages. 5. Tougher passwords: Businesses need to encourage staff to use long and complex passwords using at least 12 alphanumeric characters. Given how the average internet user has 100 apps and online accounts, the only way to generate, store, and recall passwords is by using a commercial password manager. 6. Automated log analysis: Digging through endless logs looking for troublemakers is a job for automation. Businesses must have log analysis tools such as a security info event manager, which simply collects data from various sources to detect and respond to security threats. e above list is not the comprehensive set of requirements. Version 4.0 puts great emphasis on periodic risk assessments. Abiding by PCI DSS 4.0 rules may seem like a big hassle, but look on the bright side: Complying will not only prevent being fined by regulators but also make your business less vulnerable to scams and cyberattacks. 10 THINGS I know about... ... Estate planning with baby strollers, and people carrying heavy equipment. Promote physical accessibility. e Americans with Disabilities Act legally requires reasonable workplace accom- modations, with physical accessibility being a priority. Elevators and ramps are the most common changes, but some impactful accommodations can be on a smaller scale. Hire a consultant who can provide the best alternatives to make offices safe and accessible for all, writes Maya Richard-Craven in Forbes. "Physi- cal disability representation is lacking in the C-Suite and executive level positions. If you've worked in corporate Amer- ica, you probably haven't seen many executives with physical disabilities, but physically disabled CEOs are changing the narrative," Richard-Craven writes. Personalize your approach. While companies have policies around disabili- ties, there is no one-size-fits-all approach when it comes to disability inclusivity. Every individual is different and so are their conditions and workplace needs. It is important to communicate with your team members and see what resources they need to succeed. is personalized approach is transparent and boosts pro- ductivity. "Our research found that when managers used language that linked an individual's needs or accommodations to their performance and success at work, it helped employees voice their con- cerns more freely. When managers use phrases such as 'How do I set you up for success?' or 'What can I, as a manager, do to support you to perform your best?', they are seen as 92% more approachable by their team members," Jack Tillotson writes in the Harvard Business Review. W W W

• Cover