Beancount.io

20 tagged with "Security"

Protect your financial data with security best practices and tools

Beancount MCP: Connect Your Ledger to Claude, Cursor, and Any AI Assistant
·mike

The Beancount MCP server connects your plain-text ledger to Claude, Cursor, Windsurf, and any MCP-compatible AI client over OAuth 2.1 — ask questions, run BQL queries, and commit ledger edits without leaving your AI tool.

ai
llm
automation
beancount
Business Identity Theft: A Practical Detection and Recovery Playbook for Small Business Owners
·mike

A 72-hour response playbook for small business owners facing EIN-based tax fraud, registered agent hijacking, or payroll account takeover — including how to file IRS Form 14039-B, place fraud alerts at Dun & Bradstreet, Experian Business, and Equifax Small Business, and harden IRS, Secretary of State, banking, and payroll footprints year-round.

small-business
fraud-detection
fraud-prevention
security
California SB 53 Compliance: A Practical Guide to the Transparency in Frontier AI Act
·mike

California's SB 53 (Transparency in Frontier AI Act) took operative effect on January 1, 2026, requiring foundation model developers training above 10^26 FLOPs to publish safety frameworks, report critical incidents to Cal OES within 15 days (24 hours for imminent threats), maintain anonymous whistleblower channels, and face civil penalties up to $1 million per violation enforced by the California Attorney General.

ai
llm
compliance
california
SEC Cybersecurity Incident Disclosure: Hitting the Four-Business-Day Clock on Item 1.05 in 2026
·mike

A 2026 operating guide to SEC Item 1.05 Form 8-K cybersecurity disclosure — when the four-business-day clock starts, how to make the materiality call without unreasonable delay, when the Attorney General can grant a delay, the Item 1.05 vs. Item 8.01 trap, and what Regulation S-K Item 106 requires in your annual 10-K.

compliance
security
incident-response
legal
SOC 2 Type II for SaaS Startups: Scope, Survive, and Ship Your First Customer-Driven Audit
·mike

A founder's guide to SOC 2 Type II in 2026 — what it actually tests, realistic cost ($20K–$35K first year) and timeline (3–12 month observation window), which Trust Services Criteria to scope, the seven controls that trip startups up, and how to keep enterprise deals moving with Type I bridge letters while the audit runs.

saas
startup
compliance
security
PCI DSS 4.0.1 in 2026: The Small Merchant's Guide to SAQ A, Script Tampering, and MFA
·mike

PCI DSS v4.0.1 governs every 2026 assessment, and FAQ 1588 has narrowed who qualifies for SAQ A. This guide walks small merchants through the new script-tampering rules (6.4.3 and 11.6.1), the 12-character password and MFA requirements, what non-compliance actually costs, and a 12-step checklist for getting it right.

compliance
security
payments
small-business
The 2026 WISP Playbook for Tax Pros and Bookkeepers: Building an FTC Safeguards Rule-Compliant Data Security Program Without a CISO
·mike

A 2026 guide for solo tax preparers and small bookkeeping firms to build a Written Information Security Plan that satisfies the FTC Safeguards Rule's nine elements, the IRS PTIN attestation, and the 30-day breach notification requirement — using IRS Publication 5708 as the scaffold and a 90-day rollout.

security
compliance
tax-preparation
bookkeeping
WISP Compliance: Why Every Tax Pro Needs a Written Information Security Plan in 2026
·mike

A practical guide to building a Written Information Security Plan that satisfies the FTC Safeguards Rule and IRS Publication 5708 — covering the nine required elements, technical controls like MFA and encryption, penalty exposure up to $46,517 per violation per day, and a six-week roadmap for tax preparers, CPAs, and bookkeepers.

security
compliance
tax-compliance
tax-preparation
CMMC 2.0 and NIST 800-171 in 2026: A Small Defense Contractor's Certification Roadmap
·mike

CMMC 2.0 took effect November 10, 2025, and Level 2 third-party assessments begin November 10, 2026. A practical guide to scope, cost ($80K–$250K over three years), the 14 control families, the POA&M rule, and a 90-day path for small DoD contractors.

compliance
security
small-business
risk-management
SOC 2 Type II for SaaS Startups: Cost, Criteria, and the Six-Month Observation Window
·mike

A first SOC 2 Type II audit takes a minimum three-month observation window — six months for most enterprise buyers — and runs $45,000 to $150,000 all-in for a sub-fifty-person SaaS startup. Here is what the Trust Services Criteria cover, how to scope the engagement, and the six preparation mistakes that derail first examinations.

compliance
saas
security
startup
Cyber Insurance for Small Businesses in 2026: MFA Requirements, Ransomware Coverage, and Premium Benchmarks
·mike

S&P forecasts a 15–20% rise in cyber insurance premiums for 2026 after a 126% jump in ransomware incidents. A guide to the controls underwriters now require, typical small business pricing ($1,000–$7,500 for $1M of coverage), and the exclusions behind the 40%+ claim denial rate.

insurance
business-insurance
small-business
risk-management
Credit Card Authorization Forms: A Guide to Recurring Billing, PCI Compliance, and Chargeback Defense
·mike

A credit card authorization form documents cardholder consent for charges and is required by card networks for card-not-present and recurring billing. Covers the required fields, PCI DSS storage rules, and how a signed form shifts the burden in chargeback disputes.

payments
compliance
bookkeeping
small-business
Showing 1–12 of 20 posts