These articles are intended to provide general resources for the tax and accounting needs of small businesses and individuals. Service2Client LLC is the author, but is not engaged in rendering specific legal, accounting, financial or professional advice. Service2Client LLC makes no representation that the recommendations of Service2Client LLC will achieve any result. The NSAD has not reviewed any of the Service2Client LLC content. Readers are encouraged to contact a professional regarding the topics in these articles. The images linked to these articles are protected by copyright and should not be copied for any reason.
These articles are intended to provide general resources for the tax and accounting needs of small businesses and individuals. Service2Client LLC is the author, but is not engaged in rendering specific legal, accounting, financial or professional advice. Service2Client LLC makes no representation that the recommendations of Service2Client LLC will achieve any result. The NSAD has not reviewed any of the Service2Client LLC content. Readers are encouraged to contact a professional regarding the topics in these articles. The images linked to these articles are protected by copyright and should not be copied for any reason.
Gifts to family and friends don’t count. As much as you’d like to gift perhaps a worthy nephew, these amounts are not tax-deductible. In fact, if they exceed a certain amount, they could be subject to a gift tax.
Deductions have a cap. Generally, you can deduct up to 60 percent of your adjusted gross income via charitable donations (for cash donations). That said, you may be limited to 20 percent, 30 percent or 50 percent, depending on the type of contribution and the organization. Examples of limited contributions include non-cash gifts, private-foundation gifts, etc. This deduction limit applies to all the donations you make during the year, no matter how many organizations you give to.
Exceeding your limit. If you go over the 60 percent limit of your adjusted gross income, the amount can be deducted from your tax returns over the next five years, or when the money’s gone. This process is known as a carryover. Good news for those who are generous.
Deductions for non-itemizers & itemizers. Specifically, for the 2025 tax year (taxes that are due by April 15, 2026), you’ll have to pivot and itemize to deduct your charitable contributions and get the tax break.
But for the 2026 tax year (taxes due April 15, 2027), the rules change for both types:
If you don’t itemize on your tax return, you can deduct up to $1,000 (single) or $2,000 (married filing jointly) in charitable contributions. This means you can take an above-the-line deduction for the 2026 tax year on the tax return that you’ll file in 2027.
If you do itemize on your tax return, you must donate an aggregate total of at least 0.5 percent of your adjusted gross income to charity to claim the deduction. Only the portion of your total charitable donations that exceeds 0.5 percent is deductible.
Making sure you follow these guidelines will ensure that you can realize your well-deserved deductions and tax breaks. If you have other questions about charitable giving, consult your tax professional. They’ll know all the ins and outs of charitable giving and keep you secure moving forward.
Sources
Tax-Deductible Donations: 2025-2026 Rules for Giving to Charity – NerdWallet
5 Rules for Giving to Charity
December 1, 2025 · Blog, Tip of the Month, Uncategorized
⏱ 3 min read
Giving to charity is good for a couple of reasons. First, giving to organizations you believe in is intrinsically good – for them and for you. When we give, the “love hormone” oxytocin is released. Second, giving can reduce your taxable income, which also might make you feel pretty good. But here are a few things to know before you start doling out your cash.
Make sure you give to an IRS-recognized charity. More specifically, it must be a tax-exempt organization that is defined by section 501(c)(3) of the Internal Revenue Code, which includes entities like religious organizations, the Red Cross, nonprofit educational agencies, museums, volunteer fire companies, and organizations that maintain public parks. Most importantly, you must not have received anything in return for your gift. So before you give, make sure you verify your organization with this handy IRS tool. It’s super important to do this before you donate, and be sure to ask how much of your contribution will be tax-deductible. This is key.
Gifts to family and friends don’t count. As much as you’d like to gift perhaps a worthy nephew, these amounts are not tax-deductible. In fact, if they exceed a certain amount, they could be subject to a gift tax.
Deductions have a cap. Generally, you can deduct up to 60 percent of your adjusted gross income via charitable donations (for cash donations). That said, you may be limited to 20 percent, 30 percent or 50 percent, depending on the type of contribution and the organization. Examples of limited contributions include non-cash gifts, private-foundation gifts, etc. This deduction limit applies to all the donations you make during the year, no matter how many organizations you give to.
Exceeding your limit. If you go over the 60 percent limit of your adjusted gross income, the amount can be deducted from your tax returns over the next five years, or when the money’s gone. This process is known as a carryover. Good news for those who are generous.
Deductions for non-itemizers & itemizers. Specifically, for the 2025 tax year (taxes that are due by April 15, 2026), you’ll have to pivot and itemize to deduct your charitable contributions and get the tax break.
But for the 2026 tax year (taxes due April 15, 2027), the rules change for both types:
If you don’t itemize on your tax return, you can deduct up to $1,000 (single) or $2,000 (married filing jointly) in charitable contributions. This means you can take an above-the-line deduction for the 2026 tax year on the tax return that you’ll file in 2027.
If you do itemize on your tax return, you must donate an aggregate total of at least 0.5 percent of your adjusted gross income to charity to claim the deduction. Only the portion of your total charitable donations that exceeds 0.5 percent is deductible.
Making sure you follow these guidelines will ensure that you can realize your well-deserved deductions and tax breaks. If you have other questions about charitable giving, consult your tax professional. They’ll know all the ins and outs of charitable giving and keep you secure moving forward.
Sources
Tax-Deductible Donations: 2025-2026 Rules for Giving to Charity – NerdWallet
Disclaimer
These articles are intended to provide general resources for the tax and accounting needs of small businesses and individuals. Service2Client LLC is the author, but is not engaged in rendering specific legal, accounting, financial or professional advice. Service2Client LLC makes no representation that the recommendations of Service2Client LLC will achieve any result. The NSAD has not reviewed any of the Service2Client LLC content. Readers are encouraged to contact a professional regarding the topics in these articles. The images linked to these articles are protected by copyright and should not be copied for any reason.
These articles are intended to provide general resources for the tax and accounting needs of small businesses and individuals. Service2Client LLC is the author, but is not engaged in rendering specific legal, accounting, financial or professional advice. Service2Client LLC makes no representation that the recommendations of Service2Client LLC will achieve any result. The NSAD has not reviewed any of the Service2Client LLC content. Readers are encouraged to contact a professional regarding the topics in these articles. The images linked to these articles are protected by copyright and should not be copied for any reason.
These articles are intended to provide general resources for the tax and accounting needs of small businesses and individuals. Service2Client LLC is the author, but is not engaged in rendering specific legal, accounting, financial or professional advice. Service2Client LLC makes no representation that the recommendations of Service2Client LLC will achieve any result. The NSAD has not reviewed any of the Service2Client LLC content. Readers are encouraged to contact a professional regarding the topics in these articles. The images linked to these articles are protected by copyright and should not be copied for any reason.
These articles are intended to provide general resources for the tax and accounting needs of small businesses and individuals. Service2Client LLC is the author, but is not engaged in rendering specific legal, accounting, financial or professional advice. Service2Client LLC makes no representation that the recommendations of Service2Client LLC will achieve any result. The NSAD has not reviewed any of the Service2Client LLC content. Readers are encouraged to contact a professional regarding the topics in these articles. The images linked to these articles are protected by copyright and should not be copied for any reason.
These articles are intended to provide general resources for the tax and accounting needs of small businesses and individuals. Service2Client LLC is the author, but is not engaged in rendering specific legal, accounting, financial or professional advice. Service2Client LLC makes no representation that the recommendations of Service2Client LLC will achieve any result. The NSAD has not reviewed any of the Service2Client LLC content. Readers are encouraged to contact a professional regarding the topics in these articles. The images linked to these articles are protected by copyright and should not be copied for any reason.
According to insights from the SANS keynote at the RSAC 2025 Conference, attackers are increasingly exploiting this sprawl to gain legitimate, persistent access that bypasses multifactor authentication (MFA), security information and event management (SIEM) alerts, and endpoint detection and response (EDR) visibility altogether.
What is Authorization Sprawl?
Authorization sprawl occurs when access permissions multiply uncontrollably across systems, users, and applications. Every time a team or department adds a new SaaS integration, service account, or API key, another layer of permission is introduced.
In an attempt to make access to multiple applications easy, users also have single sign-on (SSO), designed to help log in once and access multiple applications securely. Here, users are granted access to several connected systems through SSO, adding to the authorization sprawl problem.
Over time, all these factors create a complex ecosystem that even security teams have a hard time tracing who can access what.
Unlike authentication, which verifies who someone is, authorization determines what one can do. When permissions expand without review, attackers take advantage of forgotten tokens, dormant accounts, or outdated roles to move freely inside systems.
Why Traditional Defenses Miss It
Most defenses focus on identity verification, such as MFA, conditional access, and endpoint protection. But once a user is authenticated, there is no monitoring. This is the blind spot that attackers exploit. Instead of breaking in, they log in using legitimate session tokens, application programming interface (API) keys, or open authorization (OAuth) grants.
The misuse of valid credentials or access tokens enables cloud-related breaches. These attacks bypass traditional detection tools because they appear to be normal activity by authorized users.
A recent incident involving Salesloft’s Drift application highlights how damaging authorization sprawl can be. Drift, an AI chatbot often integrated with Salesforce, was exploited after attackers gained access to Salesloft’s GitHub account and later its AWS environment. From there, they stole OAuth tokens and authentication credentials, exposing Salesforce data from potentially hundreds of organizations. This incident is an example of how interconnected SaaS systems and unchecked authorization links can create a cascading breach effect, where one weak point leads to multiple breaches across services.
The Business Impact of Authorization Sprawl
Aside from increasing technical risk, authorization sprawl erodes compliance, governance, and trust.
Regulatory Exposure – Frameworks like GDPR, SOC 2, and HIPAA require strict access control and auditability. Untracked permissions make demonstrating compliance nearly impossible.
Operational Risk – An overprivileged account can unintentionally leak data, delete configurations, or expose APIs.
False Sense of Security – Zero Trust frameworks often stop at identity verification. Failing to continuously validate authorization is equivalent to protecting the front door while leaving internal doors wide open.
How to Fix Authorization Sprawl
Luckily, solving this problem does not require removing existing security controls but rather extending visibility and discipline into authorization.
Conduct Regular Access Audits – Map users, roles, and permissions across your environment. Be sure to look for redundant privileges, dormant accounts, and orphaned API keys. Use tools that help visualize hidden paths and privilege escalation routes.
Implement Structured Access Control – Use frameworks like role-based access control (RBAC) or attribute-based access control (ABAC). Standardizing roles ensures fewer exceptions and easier auditing.
Automate Reviews and Revocations – Integrate identity and access management (IAM) with HR systems so access automatically changes when employees leave or change roles. This helps eliminate the temporary access that never gets removed.
Shorten Token Lifetimes and Rotate Credentials – Session tokens and personal access tokens (PATs) should have an expiration period, such as 30 to 90 days. Using automated key rotation policies will help prevent long-lived access tokens from becoming backdoors.
Enforce the Principle of Least Privilege – Grant users and systems only the minimum access needed.
Extend Zero Trust to Authorization – Verification shouldn’t end with login. Apply continuous authorization checks.
Conclusion
As cloud ecosystems, APIs, and integrations continue to multiply, authorization complexity will grow exponentially. Businesses that invest in mapping and controlling authorization sprawl will stay ahead of both attackers and regulators. In cybersecurity, visibility equals control, and this begins with knowing exactly who can do what.
Why Authorization Sprawl Is the Next Big Security Blind Spot and How to Fix It
November 1, 2025 · Blog, Uncategorized, What’s New in Technology
⏱ 4 min read
Despite major investments in cybersecurity, organizations continue to face breaches. Most security mechanisms implemented guard against threats such as password theft. However, there is a growing concern with the unchecked expansion of user access, permissions, and tokens across apps, clouds, and systems.
This growing challenge is known as authorization sprawl, and it is becoming one of the most dangerous and least visible threats in modern enterprise security.
According to insights from the SANS keynote at the RSAC 2025 Conference, attackers are increasingly exploiting this sprawl to gain legitimate, persistent access that bypasses multifactor authentication (MFA), security information and event management (SIEM) alerts, and endpoint detection and response (EDR) visibility altogether.
What is Authorization Sprawl?
Authorization sprawl occurs when access permissions multiply uncontrollably across systems, users, and applications. Every time a team or department adds a new SaaS integration, service account, or API key, another layer of permission is introduced.
In an attempt to make access to multiple applications easy, users also have single sign-on (SSO), designed to help log in once and access multiple applications securely. Here, users are granted access to several connected systems through SSO, adding to the authorization sprawl problem.
Over time, all these factors create a complex ecosystem that even security teams have a hard time tracing who can access what.
Unlike authentication, which verifies who someone is, authorization determines what one can do. When permissions expand without review, attackers take advantage of forgotten tokens, dormant accounts, or outdated roles to move freely inside systems.
Why Traditional Defenses Miss It
Most defenses focus on identity verification, such as MFA, conditional access, and endpoint protection. But once a user is authenticated, there is no monitoring. This is the blind spot that attackers exploit. Instead of breaking in, they log in using legitimate session tokens, application programming interface (API) keys, or open authorization (OAuth) grants.
The misuse of valid credentials or access tokens enables cloud-related breaches. These attacks bypass traditional detection tools because they appear to be normal activity by authorized users.
A recent incident involving Salesloft’s Drift application highlights how damaging authorization sprawl can be. Drift, an AI chatbot often integrated with Salesforce, was exploited after attackers gained access to Salesloft’s GitHub account and later its AWS environment. From there, they stole OAuth tokens and authentication credentials, exposing Salesforce data from potentially hundreds of organizations. This incident is an example of how interconnected SaaS systems and unchecked authorization links can create a cascading breach effect, where one weak point leads to multiple breaches across services.
The Business Impact of Authorization Sprawl
Aside from increasing technical risk, authorization sprawl erodes compliance, governance, and trust.
Regulatory Exposure – Frameworks like GDPR, SOC 2, and HIPAA require strict access control and auditability. Untracked permissions make demonstrating compliance nearly impossible.
Operational Risk – An overprivileged account can unintentionally leak data, delete configurations, or expose APIs.
False Sense of Security – Zero Trust frameworks often stop at identity verification. Failing to continuously validate authorization is equivalent to protecting the front door while leaving internal doors wide open.
How to Fix Authorization Sprawl
Luckily, solving this problem does not require removing existing security controls but rather extending visibility and discipline into authorization.
Conduct Regular Access Audits – Map users, roles, and permissions across your environment. Be sure to look for redundant privileges, dormant accounts, and orphaned API keys. Use tools that help visualize hidden paths and privilege escalation routes.
Implement Structured Access Control – Use frameworks like role-based access control (RBAC) or attribute-based access control (ABAC). Standardizing roles ensures fewer exceptions and easier auditing.
Automate Reviews and Revocations – Integrate identity and access management (IAM) with HR systems so access automatically changes when employees leave or change roles. This helps eliminate the temporary access that never gets removed.
Shorten Token Lifetimes and Rotate Credentials – Session tokens and personal access tokens (PATs) should have an expiration period, such as 30 to 90 days. Using automated key rotation policies will help prevent long-lived access tokens from becoming backdoors.
Enforce the Principle of Least Privilege – Grant users and systems only the minimum access needed.
Extend Zero Trust to Authorization – Verification shouldn’t end with login. Apply continuous authorization checks.
Conclusion
As cloud ecosystems, APIs, and integrations continue to multiply, authorization complexity will grow exponentially. Businesses that invest in mapping and controlling authorization sprawl will stay ahead of both attackers and regulators. In cybersecurity, visibility equals control, and this begins with knowing exactly who can do what.
Disclaimer
These articles are intended to provide general resources for the tax and accounting needs of small businesses and individuals. Service2Client LLC is the author, but is not engaged in rendering specific legal, accounting, financial or professional advice. Service2Client LLC makes no representation that the recommendations of Service2Client LLC will achieve any result. The NSAD has not reviewed any of the Service2Client LLC content. Readers are encouraged to contact a professional regarding the topics in these articles. The images linked to these articles are protected by copyright and should not be copied for any reason.
Black Friday, November 28. It’s probably the most famous shopping day of the year, where you’ll find huge price cuts across all categories. If you’re into tech stuff, head to Apple, AT&T Wireless, Dell, Google, HP, Lenovo, or Micro Center to start. The big box places to hit are Walmart, Target, and Sam’s Club. For home goods, you’ll find savings at Bed, Bath & Beyond, Ashley Furniture, and Crate & Barrel. If you want a comprehensive list, go to blackfriday.com. (See? There’s even a website dedicated to this day!) But get ready to scroll because there’s a lot there.
Small Business Saturday, November 29. Originally launched in 2010 by American Express, this day is all about shopping at your local stores. So hit your neighborhood shops, markets, coffee shops, and boutiques to support your friends and neighbors. If you don’t know where to start and don’t have a lot of time, just Google “small business Saturday sales near me” and you’ll be good to go.
Cyber Monday, December 1. To cap off all the November savings, you can’t forget this day. And yes, it’s not technically in November, but that’s OK. This date is great because you can let your fingers do the shopping. Online-only offers are king, so hunker down and start searching. Some places with the biggest deals are, again, (and not surprisingly) Amazon, Target, and Walmart – the big three. For more price-cutting goodness, go here.
Life gets busy around this time of year, but if you take a moment, get your list and hit a few of the aforementioned stores, you’ll be way ahead come the holidays. And that just might be the best gift of all.
Get a Jump on Holiday Shopping: Key November Dates
November 1, 2025 · Blog, Tip of the Month, Uncategorized
⏱ 3 min read
For some of us, last-minute holiday shopping is just what we do. That said, it’s probably never fun, and two things invariably seem to happen: The gifts you want aren’t available, and you end up paying too much. That’s why shopping in November to get the best savings on what you want just might be the right thing to do this year. Here are a few sales dates to put on your calendar.
Singles Day, November 11. Originally started in China as a humorous “anti-Valentine’s Day” event, it’s become one of the biggest shopping days of the year, surpassing Black Friday and Cyber Monday. To top it off, the date, 11/11, was chosen because it symbolizes, you guessed it, four ones – aka singles. On this day, you can find huge discounts at a lot of high-end clothing stores like Athleta, Nordstrom, Lululemon, Abercrombie & Fitch, Madewell, Neiman-Marcus, and J. Crew, to name a few.
Pre-Black Friday, November 20-27. Yes, there is such a thing, as if Black Friday isn’t enough in and of itself. Nevertheless, lots of retailers get in on this. This year, you’ll want to check out early access on holiday deals at Costco, Lowe’s, Best Buy, as well as Kohl’s, GameStop, and PetSmart. You can find other merchants who offer deep discounts here.
Black Friday, November 28. It’s probably the most famous shopping day of the year, where you’ll find huge price cuts across all categories. If you’re into tech stuff, head to Apple, AT&T Wireless, Dell, Google, HP, Lenovo, or Micro Center to start. The big box places to hit are Walmart, Target, and Sam’s Club. For home goods, you’ll find savings at Bed, Bath & Beyond, Ashley Furniture, and Crate & Barrel. If you want a comprehensive list, go to blackfriday.com. (See? There’s even a website dedicated to this day!) But get ready to scroll because there’s a lot there.
Small Business Saturday, November 29. Originally launched in 2010 by American Express, this day is all about shopping at your local stores. So hit your neighborhood shops, markets, coffee shops, and boutiques to support your friends and neighbors. If you don’t know where to start and don’t have a lot of time, just Google “small business Saturday sales near me” and you’ll be good to go.
Cyber Monday, December 1. To cap off all the November savings, you can’t forget this day. And yes, it’s not technically in November, but that’s OK. This date is great because you can let your fingers do the shopping. Online-only offers are king, so hunker down and start searching. Some places with the biggest deals are, again, (and not surprisingly) Amazon, Target, and Walmart – the big three. For more price-cutting goodness, go here.
Life gets busy around this time of year, but if you take a moment, get your list and hit a few of the aforementioned stores, you’ll be way ahead come the holidays. And that just might be the best gift of all.
These articles are intended to provide general resources for the tax and accounting needs of small businesses and individuals. Service2Client LLC is the author, but is not engaged in rendering specific legal, accounting, financial or professional advice. Service2Client LLC makes no representation that the recommendations of Service2Client LLC will achieve any result. The NSAD has not reviewed any of the Service2Client LLC content. Readers are encouraged to contact a professional regarding the topics in these articles. The images linked to these articles are protected by copyright and should not be copied for any reason.
These articles are intended to provide general resources for the tax and accounting needs of small businesses and individuals. Service2Client LLC is the author, but is not engaged in rendering specific legal, accounting, financial or professional advice. Service2Client LLC makes no representation that the recommendations of Service2Client LLC will achieve any result. The NSAD has not reviewed any of the Service2Client LLC content. Readers are encouraged to contact a professional regarding the topics in these articles. The images linked to these articles are protected by copyright and should not be copied for any reason.
Epstein Files Transparency Act (HR 4405) – The purpose of this bill is to require the Department of Justice to release all documents and records in its possession of investigations and court cases related to Jeffrey Epstein. Epstein was previously convicted of soliciting prostitution from an underage girl, and also faced new sex trafficking charges prior to his 2019 death in custody. The files are expected to reveal the names of other people involved in the sex trafficking scheme. The act was initially introduced by Rep. Ro Khanna (D-CA) on July 15. It was updated and passed in the House on Nov. 18, in the Senate the next day, with only one opposing vote between the two chambers. The bill was signed into law by the president on Nov. 19. The DOJ has up to 30 days to release the documents, which may be lightly redacted to protect against unwarranted invasion of privacy, such as victim names and medical data.
