You've successfully subscribed to INFIMA Security
Great! Next, complete checkout for full access to INFIMA Security
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info is updated.
Billing info update failed.

IRS - Taxes. Security. Together.

In response to the overwhelming number of attacks on tax professionals, the IRS convened its Security Summit to provide guidance to the industry on cyber security and data protection. Out of this year’s summit, the IRS and partners developed the “Taxes-Security-Together Checklist.”

All of the elements in the Checklist can be provided by our excellent Partners. We encourage you to use the summary below with your CPA clients:

Step 1: Deploy “Security Six” basic safeguards

  • Activate anti-virus softwareUse a firewall
  • Use two-factor authentication
  • Use backup software/services
  • Use drive encryption
  • Create and secure Virtual Private Networks

Step 2: Create a data security plan

  • Federal law requires all “professional tax preparers” to create and maintain an information security plan for client data
  • Tax professionals are asked to focus on key risk areas such as employee management and training; information systems; and detecting and managing system failures

Step 3: Educate and Test your organization on Phishing and Social Engineering

  • Train all employees on Phishing emails and Social Engineering risks
  • Test all employees to ensure safe data security behaviors
  • Educated employees are the key to avoiding phishing scams, and office systems are only as safe as the least informed employee

Step 4: Recognize the signs of client data theft

  • Train your organization to be alert for signs of data theft
  • Clients receive IRS letters about suspicious tax returns in their name.
  • More tax returns filed with a practitioner’s Electronic Filing Identification Number than submitted.
  • Clients receive tax transcripts they did not request.

Step 5: Create a data theft recovery plan including:

  • Contact the local IRS Stakeholder Liaison immediately.
  • Assist the IRS in protecting clients’ accounts.
  • Contract with a cybersecurity expert to help prevent and stop thefts.

Ready to learn more? Connect with us here!

Links to the IRS pages:
Step 1 - Deploy “Security-Six”
Step 2 - Create a data security plan
Step 3 - Educate and Test on Phishing and Social Engineering
Step 4 - Be alert for signs of data theft
Step 5 - Create a data theft recovery plan

Joel Cahill

Cyber security enthusiast. Entrepreneur.