In response to the overwhelming number of attacks on tax professionals, the IRS convened its Security Summit to provide guidance to the industry on cyber security and data protection. Out of this year’s summit, the IRS and partners developed the “Taxes-Security-Together Checklist.”
All of the elements in the Checklist can be provided by our excellent Partners. We encourage you to use the summary below with your CPA clients:
Step 1: Deploy “Security Six” basic safeguards
Activate anti-virus softwareUse a firewall
Use two-factor authentication
Use backup software/services
Use drive encryption
Create and secure Virtual Private Networks
Step 2: Create a data security plan
Federal law requires all “professional tax preparers” to create and maintain an information security plan for client data
Tax professionals are asked to focus on key risk areas such as employee management and training; information systems; and detecting and managing system failures
Step 3: Educate and Test your organization on Phishing and Social Engineering
Train all employees on Phishing emails and Social Engineering risks
Test all employees to ensure safe data security behaviors
Educated employees are the key to avoiding phishing scams, and office systems are only as safe as the least informed employee
Step 4: Recognize the signs of client data theft
Train your organization to be alert for signs of data theft
Clients receive IRS letters about suspicious tax returns in their name.
More tax returns filed with a practitioner’s Electronic Filing Identification Number than submitted.
Clients receive tax transcripts they did not request.
Step 5: Create a data theft recovery plan including:
Contact the local IRS Stakeholder Liaison immediately.
Assist the IRS in protecting clients’ accounts.
Contract with a cybersecurity expert to help prevent and stop thefts.
Big Media is jumping on the cyber crime storyline. And for good reason! Ransomware attacks are taking a growing toll on government agencies, hospitals and many other organizations.The story details some of this year's biggest incident's, including public school closures and delayed surgeries at compromised hospitals. In a case
The volume and severity of cyber attacks on American businesses has caught the attention of Big Media. CNN's report explains the steps hackers take, and each attack "starts innocently enough, with an email. But when someone clicks the link inside, hackers quickly take over." "The most common way for attackers