Gilroy Chamber of Commerce Business Focus-September 2021

September 27, 2021

Return of the Great Pumpkin… Menu

The Gilroy Chamber of Commerce’s Annual Pumpkin People Restaurant Passport Contest promotes various local restaurants (including coffee shops and bakeries). Throughout the month of October, participating restaurants will have pumpkin-flavored menu items to offer their patrons. 

Passports are provided to patrons at the start of the month. Patrons can get their passports stamped whenever they buy a pumpkin menu item from the participating restaurants. Below is a list of our participating restaurants and their menu items. 

  • Fifth Street Coffee – Pumpkin Spice Latte and Pumpkin Muffins
  • Old City Hall – Pumpkin Pancakes, Pumpkin Chorizo Pasta, and a Pumpkin Spice Cocktail
  • The Milias – Gnocchi in a Creamy Pumpkin Sage Sauce and a Spice Apple Cider Moscow Mule
  • Café 152 Bread Company – Pumpkin Bread, Pumpkin Muffins, and Pumpkin Latte 
  • Black Bear Diner – Pumpkin Pie
  • The Claddagh – Pumpkin Soup and a Pumpkin Martini
  • Westside Grill – Pumpkin Pancakes (Weekends only)
  • El Charrito Market – Pumpkin Flower Quesadilla
  • Mama Mia’s – Pumpkin Cheesecake 
  • Boba Loca – Pumpkin Tea
  • Baskin Robbins – Pumpkin Ice Cream
  • Yogofino – Pumpkin Pie Yogurt
  • LJB Farms – Pumpkin Butter
  • Los Cuates – Pumpkin Seasonal Soup, Mexican Pumpkin Pie, Sugar Glazed Pumpkin-Calabaza Dulce, Pumpkin Spice Margarita, and a Pumpkin Spice White Russian
  • Tristan’s Cookies – Pumpkin Pie and Pumpkin Cookies
  • Ice Factory – Pumpkin Spice Milkshake 

Click here to download your passport today, or pick one up at your first stop!

Thank you to our sponsors

 

Nominate your Favorite Small Business!

The Gilroy Chamber of Commerce Board of Directors invites the community to nominate individuals and businesses for the 2022 Spice of Life awards. Applications are available online at gilroy.org and at the Gilroy Chamber office with the deadline to submit Friday, October 8, 2021. Categories include:

  • 2022 Man and Woman of the Year – designed to acknowledge those persons who have a history of unselfish service to the community, contributing to Gilroy’s welfare and betterment.  
  • 2022 Small and Large Business of the Year – designed to recognize an outstanding Gilroy Chamber of Commerce business that has demonstrated an extraordinary level of excellence and success in areas such as management skills, innovation, personal commitment, community involvement and support, and a contribution to the entrepreneurial spirit. Separate categories are presented based on business size with small businesses being 25 full or part-time employees or less and large businesses with 26 and above full or part-time employees.  
  • 2022 Gilroy Educator of the Year – designed to recognize an outstanding individual who has made a significant contribution within the educational community of Gilroy. 
  • 2022 Firman B. Voorhies Volunteer of the Year – designed to recognize an outstanding Gilroy Chamber of Commerce volunteer. 
  • 2022 Non-Profit of the Year – designed to recognize an outstanding non-profit organization in Gilroy.  
  • 2022 Young Professional of the Year – designed to recognize the accomplishments of a highly motivated young professional who works or lives in South County. Nominees for this award must be between the ages of 21-40 years old. 

Submit your nominations here! 

Cities Crack Down on Crime, Protests

By CalMatters

As Newsom decides whether to sign a package of bills that would reform California’s criminal justice system — such as by creating a process to yank badges from bad cops, offering greater access to police records, and protecting protesters from rubber bullets — some of the cities that slashed law enforcement budgets in the wake of George Floyd’s murder now appear to be backtracking amid an uptick in homicides and violent crime. On Wednesday, San Francisco Mayor London Breed announced a plan to crack down on organized retail theft by hiring more police investigators and community ambassadors and upgrading an online crime reporting system. On Tuesday — a day after Oakland saw its 100th homicide of the year — the city council voted to fund a new police academy and to study adding another one next year. Also Tuesday, the Los Angeles City Council signed off a new law that limits protesters’ ability to gather outside private residences and forbids people from carrying certain items, such as knives and pepper spray, in city buildings.

  • Los Angeles City Council President Nury Martinez: Many protests are “completely out of control. … This is about protecting our family members, our children, and our neighbors from aggressive, targeted protests at all hours of the day and the night.”
A Busy Remainder of the Year

By CalMatters

California’s pandemic paid sick leave program isn’t the only thing expiring on Sept. 30. Here’s a look at some key deadlines coming up and what they mean for the Golden State:

California is Running Out of Water

Article by Emily Hoeven, CalMatters

“The challenge is there is no water.”

That bleak assessment from Karla Nemeth, director of the state Department of Water Resources, puts the devastating scope of California’s drought into perspective even more sharply than the sea of statistics released Tuesday and reported by CalMatters’ Rachel Becker:

  • 90% of the state is gripped by extreme or exceptional drought.
  • Californians reduced their home water use by just 1.8% in July compared to the same time last year — despite a plea from Gov. Gavin Newsom to cut consumption by 15%.
  • 40% of water suppliers in the South Coast region — which includes Los Angeles, Orange, San Diego and Ventura counties — actually used more water than they did last year.
  • Water systems serving 27 million Californians and 750,000 acres of farmland could receive 0% of their allocation from the State Water Project next year.
  • 80% of endangered winter-run Chinook salmon in the Sacramento River could die this year.

Another indication of how desperate California is for water: Marin County water officials are competing with Mohammed bin Salman, the crown prince of Saudi Arabia, to purchase three portable desalination plants to bolster water supplies.

The dismaying numbers increase pressure on Newsom to issue mandatory statewide water restrictions as then-Gov. Jerry Brown did during the last drought. Newsom, who appeared to be trying to steer clear of unpopular mandates ahead of the Sept. 14 recall election, said in mid-August that such restrictions likely wouldn’t happen until the end of September.

September 20, 2021

What's New with Business?

Free 30-Minute Ransomware Evaluation

Did you know 43% of cyberattacks are aimed at small and medium-sized businesses and only 14% are prepared to defend themselves? It is even more alarming that an estimated 60% of SMBs go out of business within six months of a cyberattack. TPx Communications has developed Security Advisory Services to help SMBs understand these risks and build an actionable plan to secure their organization.

TPx has leveraged their broad experience in security and risk assessments, operations, architectures, policy compliance, privacy and other security domains to deliver a new set of Security Advisory services you can use to solve your organization’s biggest security challenges. TPx is currently offering a 30 Minute evaluation meeting with their Ransomware experts. The meeting results in a free report specific to your ability to recover from a ransomware attack. To schedule your free 30-minute ransomware evaluation, contact manuel.melchor@tpx.com

BBQ and Celebration

The Mi Ocampo Insurance Agency invites you to join them at their inaugural Hispanic Heritage Month BBQ. This community event will be held on October 9th, 2021 at El Roble park from 11:00 am to 4:00 pm. They will be providing complimentary food and soft drinks to celebrate the Hispanic culture and all they have contributed to the community. The staff at Mi Ocampo Insurance looks forward to seeing you and your family join them to celebrate this special month.

Chamber Board Seeks Nominations for the 2022 Spice of Life Awards

The Gilroy Chamber of Commerce Board of Directors invites the community to nominate individuals and businesses for the 2022 Spice of Life awards. Applications are available online at gilroy.org and at the Gilroy Chamber office with the deadline to submit Friday, October 8, 2021. Categories include:

  • 2022 Man and Woman of the Year – designed to acknowledge those persons who have a history of unselfish service to the community, contributing to Gilroy’s welfare and betterment.  
  • 2022 Small and Large Business of the Year – designed to recognize an outstanding Gilroy Chamber of Commerce business that has demonstrated an extraordinary level of excellence and success in areas such as management skills, innovation, personal commitment, community involvement and support, and a contribution to the entrepreneurial spirit. Separate categories are presented based on business size with small businesses being 25 full or part-time employees or less and large businesses with 26 and above full or part-time employees.  
  • 2022 Gilroy Educator of the Year – designed to recognize an outstanding individual who has made a significant contribution within the educational community of Gilroy. 
  • 2022 Firman B. Voorhies Volunteer of the Year – designed to recognize an outstanding Gilroy Chamber of Commerce volunteer. 
  • 2022 Non-Profit of the Year – designed to recognize an outstanding non-profit organization in Gilroy.  
  • 2022 Young Professional of the Year – designed to recognize the accomplishments of a highly motivated young professional who works or lives in South County. Nominees for this award must be between the ages of 21-40 years old. 

Submit your nominations here! 

Important Reminder for Business Owners

The COBRA ARPA Subsidy Expires September 30, 2021, and With It Comes One Last Deadline

Article by The National Law Review

Another pandemic-related employee benefit is coming to an end. Since April 1, 2021, the American Rescue Plan Act of 2021 (ARPA) has provided a subsidy for certain individuals to receive continuation coverage under COBRA. That benefit subsidy period is now coming to an end on September 30, 2021, and with the end of the subsidy period comes one final deadline for employers to provide notices to individuals receiving the subsidy.

As we previously wrote, ARPA requires that notices regarding the expiration of the subsidy must be sent between 15-45 days before the later of the end of an individual’s COBRA coverage or September 30, 2021. With the end of September (and the subsidy period) upon us, that means that the expiration notices for employees still receiving the COBRA subsidy under ARPA must be sent no later than September 15, 2021.

The expiration notice must be written in clear, understandable language that informs the individual that their subsidy benefit under ARPA will soon expire. The notice must also provide the date the subsidy expires and advise the individual that they may have other coverage options available, such as continuing COBRA coverage at their own expense (if applicable) or obtaining coverage under the health insurance marketplace. Thankfully, as with the previous required notices for the COBRA subsidies under ARPA, the Department of Labor has provided a model expiration notice for employers to use.

Coming to a Single Family Home Near You

Changing single-family zoning

By Manuela Tobias, CalMatters 

WHAT THE BILLS WOULD DO

SB 9 would allow most homeowners across the state to build two houses or a duplex where now only one house is allowed. The bill, carried by a team of Democrats led by Senate leader Toni Atkins of San Diego, would also permit eligible homeowners to split their lot and add two more units on the second parcel — as long as it’s at least 1,200 square feet and outside fire hazard zones or historic districts. Owners would have to stay in their homes for at least three years after splitting their lots.  

SB 10 by San Francisco Democratic Sen. Scott Wiener would let a local government rezone single-family parcels to allow as many as 10 units near public transit hubs and within urban areas. 

Both bills would allow homeowners and developers to skip lengthy review processes, but projects would still ultimately be subject to final approval by the city.

WHO SUPPORTS THEM?

The growing Yes in My Backyard movement has been trying to increase density for years, with mostly failed attempts. Realtors, landlords, builders, developers and Facebook all back the bills, which were central to the affordable housing package.

WHO’S OPPOSED?

Dozens of California cities, mayors and council members, including the Los Angeles City Council, say the zoning changes take away local flexibility, decision-making and community input. Neighborhood groups such as Livable California also argue the bill doesn’t create affordable housing, and could spur gentrification. Opponents are already organizing a ballot measure in November 2022 to reassert local control over zoning.

WHY IT MATTERS

About two-thirds of California is zoned for single-family homes, and California is short between  1.8 million and 3.5 million homes, which Newsom campaigned on building by 2025. While a zoning change won’t magically create the missing units, allowing building where it’s now illegal would add to the overall housing stock over time. Together, these bills are the most significant in years approved by the Legislature to address California’s housing crisis; a sweeping bill to reduce local control over zoning and create more affordable housing failed in 2018, 2019 and 2020.    

GOVERNOR’S CALL

Newsom signed both bills on Sept. 16, just two days after beating his recall opponents, who had for the most part vowed to veto similar efforts. In his signing statement, the governor said: “The housing affordability crisis is undermining the California Dream for families across the state, and threatens our long-term growth and prosperity. Making a meaningful impact on this crisis will take bold investments, strong collaboration across sectors and political courage from our leaders and communities to do the right thing and build housing for all.”

California Wildfires Ignite an Insurance Crisis

By Dan Walters, CalMatters

As if California needed another crisis, the state’s seemingly perpetual wildfires are forcing millions of homeowners in fire-prone areas to pay skyrocketing premiums for insurance coverage — if, indeed, they can buy it at all.

As the number and severity of wildfires increase, insurers are increasingly reluctant to renew policies and even if they do, premiums often double or triple.

Insurance is required for most homeowners since their mortgage lenders demand it. And if they cannot obtain regular coverage, they are forced into the insurer of last resort, FAIR, that has very high premiums and limits on coverage.

Insurance Commissioner Ricardo Lara has repeatedly invoked a law he authored three years ago as a state legislator, imposing one-year moratoriums on policy cancellations for property in or immediately adjacent to the sites of major fires.

In 2020, Lara’s moratoriums covered 2.4 million policyholders after fires scorched more than 4 million acres and consumed hundreds of homes and other buildings. When this year’s fires are finally extinguished, including the immense Dixie fire and the Caldor fire that nearly wiped out South Lake Tahoe, Lara will extend the moratoriums to their burn zones.

At best, however, such moratoriums are merely stopgaps. So what, one might ask, are politicians doing about the crisis?

There is some scapegoating. This month, Assemblyman Marc Levine, a Democrat from fire-prone Marin County, fired off a letter to insurance trade groups, telling them, “I do not believe that the costs of utility mismanagement, or the impacts of climate change should be arbitrarily and capriciously passed through to my constituents in the form of homeowners’ insurance being declined, non-renewed, or their insurance premiums being raised exorbitantly. Particularly when there has been no change of conditions or circumstances.”

Circumstances are also beyond insurers’ control as they assess potential losses and calculate whether to offer coverage and if so, what to charge. They cannot, as Levine seems to suggest, ignore the perils regardless of their causes.

Levine later introduced legislation that would have the state become an insurer for those unable to buy coverage elsewhere.

John Norwood, a veteran insurance industry lobbyist, set forth the dilemma in a recent article for an industry publication:

“The availability and affordability of property insurance in California are not likely to change until the worldwide reinsurance market believes California is serious about addressing its wildfire risks and there are demonstrable results in reducing the number and severity of wildfires in the state.

Save on Staples brand products

(links to Affiliate Site)

September 13, 2021

Chamber Board Seeks Nominations for the 2022 Spice of Life Awards

The Gilroy Chamber of Commerce Board of Directors invites the community to nominate individuals and businesses for the 2022 Spice of Life awards. Applications are available online at Gilroy.org and at the Gilroy Chamber office with the deadline to submit Friday, October 8, 2021. Categories include:

  • 2022 Man and Woman of the Year – designed to acknowledge those persons who have a history of unselfish service to the community, contributing to Gilroy’s welfare and betterment.  
  • 2022 Small and Large Business of the Year – designed to recognize an outstanding Gilroy Chamber of Commerce business which has demonstrated an extraordinary level of excellence and success in areas such as management skills, innovation, personal commitment, community involvement and support, and a contribution to the entrepreneurial spirit. Separate categories are presented based on business size with small businesses being 25 full or part-time employees or less and large businesses with 26 and above full or part-time employees.  
  • 2022 Gilroy Educator of the Year – designed to recognize an outstanding individual who has made a significant contribution within the educational community of Gilroy. 
  • 2022 Firman B. Voorhies Volunteer of the Year – designed to recognize an outstanding Gilroy Chamber of Commerce volunteer. 
  • 2022 Non-Profit of the Year – designed to recognize an outstanding non-profit organization in Gilroy.  
  • 2022 Young Professional of the Year – designed to recognize the accomplishments of a highly motivated young professional who works or lives in South County. Nominees for this award must be between the ages of 21-40 years old. 

Submit your nominations here! 

How Would You Answer?

A handful of Gilroy Chamber staff, board members and ambassadors took to the streets Friday morning, September 10th to talk with local business owners. Equipped with a 1-question survey and a pen, each member of the group covered different areas of the business community. Businesses along Mayock Road, Rossi Lane, and Obata Way received a visit as well as downtown businesses, and those along the First Street corridor. 50 businesses participated in the survey. 

Here’s what we found regarding the challenges businesses are facing, according to the survey results:
 
60% of the participants mentioned recruiting staff as their number one concern, though almost every business mentioned recruiting staff as a concern. Next was taxes and regulations followed by technology, workforce development, and then funding.

Click here to participate in the survey. 

Gilroy Chamber Staff, Board  Members, and Ambassadors pose for a picture.

Pictured from left to right: Gilroy Chamber(GCOC) Board Member Carlos Pineda, GCOC Ambassador Andrea Nicolette, GCOC Board Member Manny Bhandal, GCOC Ambassador G Sandhu, GCOC Ambassador Maria Cid, GCOC President/CEO Mark Turner, GCOC Staff Members Candace Van Sambeek, Jude Miranda, and Victoria Valencia

 

California’s Labor Day Lament: A Shortage of Workers

By Dan Walters, CalMatters

An acquaintance had some good news to impart last week: Her son, who operates construction machinery, just got a raise from $43 an hour to $57.

That sounded outlandishly high — the equivalent of well over $100,000 a year — but the most recent “prevailing wage” schedule for Northern California public works projects confirms that $50-plus per hour is commonplace. And that doesn’t include more than $30 per hour in fringe benefits.

It explains why government construction is costly in California, but also undermines the popular belief that one must have a college degree to get a well-paying job.

As well as marking the unofficial end of summer and the beginning of autumn, Labor Day honors the men and women who do the real physical work that society needs to function. They operate machinery, fix our cars and appliances, build our houses, cultivate and deliver our food and do hundreds of other vital tasks.

As I’m writing this column, I’m waiting for a plumber to clear a plugged-up drainage pipe, the kindred soul of the electrician who repaired a faulty circuit a couple of weeks ago. It’s what happens when you live in a nearly 70-year-old home.

Oddly, although California has the nation’s highest poverty rate and one of its highest unemployment rates, employers have hundreds of thousands of jobs going unfilled – from teachers, carpenters and auto mechanics to farm workers and even hamburger flippers. It’s not uncommon for fast food chains to offer $15 per hour, but still not get enough applicants.

The worker shortages indicate that the pandemic may have wrought at least a semi-permanent change in California’s employment scene, and if it persists, it will have a negative impact on the state’s economy.

In decades past, when California has experienced labor shortages, we could count on an inflow of workers from other states and nations to fill the gaps. But foreign migration has slowed to a trickle and California loses more people to other states than it gains.

The Public Policy Institute of California has studied those trends and found that those lacking college educations are most likely to leave the state while those with higher education degrees are more likely to come here from other states.

The exchange may help industries demanding higher education levels and paying high salaries, such as Silicon Valley, but it bodes ill for filling blue collar jobs and even professional positions that are not especially lucrative, such as teaching. 

Ironically, California’s high housing costs drive away the very people we need to build more housing. The situation implies that California must do better in generating skilled workers within itself, rather than relying on migration, and there are some hopeful indications of that attitudinal change.

A recent announcement by Chaffey College, a community college in Fontana, is one such indication. It has received a $2.9 million state grant to build a new welding training facility that will double the number of trainees. Welders are much in demand and earn premium wages.

Last week, the Legislature passed a bill to promote blue-collar trades among high school students.

“We must ensure that trade apprenticeships are presented as an option,” the author of the bill, Assembly member James Ramos, a Highland Democrat, said. “These programs expand workforce opportunities for young people and create a pipeline of skilled employees receiving competitive wages.”

The Chaffey grant and Assembly Bill 643 are refreshing signs that the college-for-all mentality is finally giving way to the reality that we need to train more Californians to do our vital work.

California Housing Plans Need an Overhaul

By Dan Walters, CalMatters

For more than a half-century, California has been trying to nudge county and city governments into generating enough new housing to handle an ever-increasing demand.

The state’s chief tool has been a legal requirement that local government “general plans” include an adequate “housing element.” Every eight years, the state Department of Housing and Community Development issues regional quotas of housing needs which then are divvied up into specific city-by-city goals for zoning enough land to meet projected needs.

The allocations are very controversial, especially in suburban communities, because they run counter to the not-in-my-backyard sentiments of local residents. As housing production falls chronically short of the state’s goals, the cyclic quotas steadily increase and in recent years the state has added penalties for failure.

Obviously, the quota system hasn’t been working very well and researchers at UCLA’s Lewis Center for Regional Policy Studies have concluded that it has a “fundamental flaw” because vacant land being zoned for housing to meet the quotas is only rarely used for housing. Rather, the housing being built — which is still too little — tends to go on other property, including some previously being used for other purposes.

The study focused on what has happened in the San Francisco Bay Area vis-à-vis the housing quotas issued in the last decade for the eight-year period that will end next year.

“The median Bay Area city is on track to approve housing projects on less than 10% of the sites listed in its housing plan,” the study found. “On average, however, cities are achieving a substantial portion of their (too low) housing targets — nearly 60% for the median city — just not on the sites they had selected and presented to the state as likely or apt for development. Across the Bay Area as whole, nearly 70% of housing built during this period was on sites not listed in housing plans.”

While cities zone specific sites to meet quotas, “housing development occurs in a way that is hard to anticipate. In spite of planners’ efforts to select imminently viable sites, they do not.”

The solution, they say, is to create a more realistic set of requirements that identifies all potential sites for housing, a “change (that) may require cities to include many more sites in their housing plan.”

While a more realistic inventory might require more work — and possibly increase local angst — the UCLA team also proposes that “cities receive preemptive credit for housing they expect to be built on sites not listed in their plan.

“The credit would be tied to production on non-inventory sites during the previous period, giving cities an incentive to accommodate much-needed development when it is proposed, even if they can’t anticipate exactly where or what developers will want to build.”

“The Legislature should stop proliferating ever more detailed requirements for a site to be included in the inventory, and instead require cities to consider every parcel on which residential use is allowed,” the UCLA team suggests. “Since cities aren’t very good at picking the sites where developers want to build, the focus should shift to estimating how much housing is likely to be built during the planning period on the entire stock of residentially zoned land in a city.

This is wonky stuff, but important because of the state’s worsening housing shortage. The proposals would shift the housing quotas from an exercise in paper-shuffling into something more likely to produce real results. But implementing it would require an official admission that the current system isn’t working and a willingness to correct its “fundamental flaw.”

California Launches Dedicated Small Business Portal Ahead of National Small Business Week

California’s Office of the Small Business Advocate (CalOSBA), part of the Governor’s Office of Business Economic Development (GO-Biz), announced the launch of calosba.ca.gov – a website that connects California’s small business community with critical resources available through state-funded small business technical assistance program and other state resources.

Small business owners, entrepreneurs, and startups can access the following information:

  • Small business technical assistance centers that offer specialized support for no-cost or at a low-cost
  • Financing information including state and federal capital programs and tax/credit incentive programs
  • Business Learning Center that helps business owners navigate the varying stages of the business development process
  • Permits, licenses, and regulations
  • Access to new markets, including e-commerce, international trade, and procurement and supply chain programs

For more information, visit calosba.ca.gov.

Save on Staples brand products

(links to Affiliate Site)

September 6, 2021

Community Outreach Meeting on a Proposed Indoor Recreational Facility at the Gilroy Sports Park with Sharks Sports & Entertainment LLC.

The City of Gilroy will be hosting a virtual Community Meeting to present plans and receive feedback on a proposed indoor recreational facility at the Gilroy Sports Park.

Since May of 2019, the City has been working with the Sharks organization to assess whether an indoor recreational facility, built and operated in partnership with the Sharks organization, would benefit the community of Gilroy. Conceptual plans currently include two sheets of ice with the possibility of adding a swimming or recreational facility. The community is invited to attend the virtual meeting and provide feedback on the plans and possible additional amenities.

In the event that the City determines that a possible future project is worth further exploration, the appropriate additional studies, reports, and community outreach meetings will be conducted. Any future agreement would be subject to approval by both parties’ respective governing bodies or executive representatives.

  • What: Community Outreach Meeting on a Proposed Indoor Recreational Facility at the Gilroy Sports Park with Sharks Sports & Entertainment LLC.
  • When: September 27, 2021, at 6:00 PM
  • Zoom Meeting Link: bit.ly/3kAID8d
  • ID: 897 4843 3745
  • Passcode: 279443
  • Zoom Call-in: 669-900-6833

Spanish translation will be available.

Controversial Bills Head to Newsom’s Desk

Article by CalMatters

With the legislative session ending on Sept. 10, state lawmakers have less than two weeks to decide the fate of 740 bills — but they lightened their load on Monday by sending two controversial housing bills to Newsom’s desk. The governor has until Oct. 10 — about a month after the recall election — to decide whether to sign or veto them:

Another contentious bill still wending its way through the Legislature: one that would give farmworkers more ways to vote in union elections. Business groups say the proposal is a job killer and would leave farmworkers vulnerable to pressure from union organizers, while supporters say it would limit employers’ ability to deter workers from forming unions, CalMatters’ Grace Gedye reports.

But at least one explosive proposal won’t be making its way to Newsom: Assemblymember Buffy Wicks, an Oakland Democrat, said Monday that she is no longer advancing a plan to mandate vaccines for many indoor venues and force employers to require worker vaccinations or regular COVID testing.

Security Protection Tips to the 4 Most Common Breaches

Content provided by TSYS

During times of instability like that of the COVID-19 global pandemic, cyber threats increase as cybercriminals look to exploit businesses when their attention is turned elsewhere. However, by keeping your eye on security, knowing what vulnerabilities to look for and taking precautionary steps, you can greatly reduce your risk of a breach.

These are the four most common vulnerabilities that cybercriminals are on the hunt for:

  1. Unsecure third-party vendors

One of the most common vulnerabilities that directly impacts the security of your business’ environment is the use of unsecure third-party vendors. These vendors often provide businesses with payment processing services, but not in a secure manner.

Data thieves have learned they can exploit unsafe vendors to reach several customers and compromise the business’ clients’ credit card information. One common example involves vendors utilizing remote access to the customer’s processing environment for routine maintenance. The data thieves looking to exploit a business leverage default passwords or phishing scams directed at the vendor to obtain credentials that grant them access into a business’ environment to deploy malware, ultimately leading to card data being compromised.

“Ensure you know all of the third-party vendors that are involved with your credit card environment, and know their roles in that environment,” advises Stacy Hughes, Chief Information Security Officer at Global Payments. “You should know if those vendors are PCI DSS compliant and if they are implementing their processes securely.”

In addition, verify what security functions your payment provider uses such as encryption, tokenization and 3D Secure to reduce your customer data and fraud risk. A well-secured vendor can offer payment security products that can greatly protect you, and reduce your chance of becoming the victim of a data breach.

  1. Security patches

Another common vulnerability involves security patches. In many cases, businesses are not aware that routine security patches for their firewalls, antivirus software or software platforms are out of date. Software and platform providers often release security updates for users to implement to ensure their software is up to date to protect against cyber-attacks.

“You should complete every necessary security patch on all systems that are linked to your processing environment,” said Hughes. “You can schedule these routinely, so you don’t have to worry about missing any necessary changes.”

  1. Weak or stolen passwords

According to Verizon’s 2019 Data Breach Investigation Report, 80% of hacking-related activities involve compromised or weak credentials. Typically, weak passwords are the result of using default passwords, such as “password,” “welcome,” “12345,” from third-party vendors. In many cases, account holders forget or fail to change the password that was assigned arbitrarily from a third-party vendor to gain first-time entry. The end result? Hackers exploiting this vulnerability.

“It’s imperative that you create unique passwords associated with your computer systems, internet access and payment environment,” Hughes says. “Use strong passwords that include at least seven characters with numbers, symbols and letters – at least one capitalized. And change it frequently, preferably every three months.”

Stolen passwords are easily obtained by hackers through phishing attacks. Hackers pretend to be a legitimate contact (for example, part of the IT team) and reach out to your employees trying to trick them into providing their password.

“It’s crucial to train your employees on how to protect themselves from phishing attacks, as well as on company security policies. For instance, employees should know to never give out their passwords or login credentials and to be suspicious of emails requesting them,” Hughes says.

  1. Ecommerce vulnerabilities

Card data thieves will search websites for a number of vulnerabilities like weak or outdated SSL certificates or software platforms. Software platforms like Adobe’s Magento often release security updates for users to implement to ensure their software can protect against the latest cyber-attacks. However, individuals that are responsible for managing the ecommerce implementations often are not aware, or simply have not taken the necessary steps, to upgrade their solution with these security updates. This leaves them vulnerable to a cyber-attack. Cybercriminals can then utilize JavaScript skimmers where they inject malicious JavaScript code into the merchant’s website to steal the credit card data.

What’s more, cybercriminals are now sophisticated enough to create copies of the merchant’s shopping cart or iFrame so they can steal card data. And, to the cardholder, it appears they are still directly on the merchant’s website when, in fact, they are not.

Any entity that handles credit cards and accepts them as payment is responsible for ensuring they handle all credit card data securely as guided by the Payment Card Industry Data Security Standard (PCI DSS).

To help you stay on top of security, the following due diligence checklist can help:

  • Have your software platforms been patched with any and all security updates? Are you using the latest version of the software?
  • Do you know whose responsibility it is to implement the updates and patches? Yours or the hosted service provider? Visit the PCI Data Security Standards and reference the roles and responsibilities breakdown in the appendix. It’s important to ensure your shopping cart has the most up-to-date security features when accepting payments via the internet. Having a third party such as your payment processor or acquirer maintain or “host” some of these features including JavaScript or iFrames can help better secure your customers’ data.
  • Ensure you’re utilizing the most secure SSLl/TLS certificates such as TLS 1.2
  • Always remember the big three elements present in most breaches:
    • Software updates and patching are baseline controls critical to your security
    • Password management and strong passwords are essential
    • Tightly manage and limit administrative access, as well as any remote access to the administrative portal

If you discover or have been notified that a compromise may have occurred, take these steps:

  • Stop processing on the compromised ecommerce environment, at least temporarily. Seek alternative processing methods such as credit card terminals through dial-up.
  • Do not delete anything or attempt to “clean-up” any data. This could impact the success of any needed investigation.
  • Customers of Global Payments should notify us immediately.
  • Notify your third-party hosting provider (if applicable).

Save on Staples brand products

(links to Affiliate Site)