Security Summit Releases “Taxes-Security-Together” Checklist – Do You Know How To Protect The Tax Payer?
Cybercrime has plagued the financial services industry – and specifically, taxpayers – for years. But thanks to continued efforts by cybersecurity leaders and tax professionals, it has been getting better.
In fact, over the course of three years from 2015 to 2018, identity theft reported among taxpayers dropped an astounding 71 percent, and confirmed identity theft returns stopped by the IRS dropped 54 percent.
But that doesn’t mean you can relax. Regardless of how effective recent cybersecurity efforts have been, members of the IRS, state tax agencies, and other tax professionals continue to encourage everyone to work even harder to prevent further damage. To help, they’ve developed a vital resource – the “Taxes-Security-Together” Checklist.
What Is The “Taxes-Security-Together” Checklist?
This checklist — developed in partnership between the IRS, states, and private tax sector community, known as the Security Summit – details clearly defined steps that tax professionals can follow to mitigate known cybercrime threats.
“The IRS, the states, and the private-sector tax industry have taken major steps to protect taxpayers and their data,” said IRS Commissioner Chuck Rettig in a press release. “But a major risk remains, regardless of whether you are the sole tax practitioner in your office or part of a multi-partner accounting firm. To help with this, we assembled a security checklist to assist the tax community. We hope tax professionals will use our checklist as a starting point to do everything necessary to protect their client’s data.”
What Is Included On The “Taxes-Security-Together” Checklist?
The “Taxes-Security-Together” Checklist is broken into 5 main steps:
- Deploy the “Security Six” measures:
- Activate anti-virus software.
- Use a firewall.
- Opt for two-factor authentication when it’s offered.
- Use backup software/services.
- Use Drive encryption.
- Create and secure Virtual Private Networks.
- Create a data security plan:
- Federal law requires all “professional tax preparers” to create and maintain an information security plan for client data.
- The security plan requirement is flexible enough to fit any tax preparation firm size, from small to large.
- Tax professionals are asked to focus on key risk areas such as employee management and training, information systems, and detecting and managing system failures.
- Educate yourself and be alert to key email scams, a frequent risk area involving:
- Learn about spear-phishing emails.
- Beware ransomware.
- Recognize the signs of client data theft:
- Clients receive IRS letters about suspicious tax returns in their name.
- More tax returns filed with a practitioner’s Electronic Filing Identification Number than submitted.
- Clients receive tax transcripts they did not request.
- Create a data theft recovery plan, including:
- Contact the local IRS Stakeholder Liaison immediately.
- Assist the IRS in protecting clients’ accounts.
- Contract with a cybersecurity expert to help prevent and stop thefts.
How Can You Implement The “Taxes-Security-Together” Checklist?
When it comes to protecting against the ongoing, evolving cybersecurity threats in play today, managing cybersecurity is, understandably, a tall order.
To implement the whole of this checklist and effectively fill the role of an IT company, you would need…
- The knowledge of how to select, install, manage, and maintain increasingly complex IT security systems. Do you have that kind of know-how?
- The time to both maintain systems on an ongoing basis and respond to events as they occur. If you can’t afford to make IT your full-time job, then do you think you can stay on top of it?
- The resources to learn what you and your staff need to know about modern cybercrime methodology, test that knowledge, and update it regularly. Do you know where to find that info? Do you have the time for that kind of cybercrime “curriculum”?
- Managing your cybersecurity means you need to take a holistic approach, incorporating and considering every aspect of a truly secure environment. However, that may, understandably, be beyond the scope of many business leaders…
Are You Unsure About How To Implement The “Taxes-Security-Together” Checklist?
That’s understandable. You may not have the time or resources to handle each step in an effective manner. The good news is, you don’t have to handle it on your own.
Instead, it’s recommended that you outsource their cybersecurity management tasks to a more capable, more available IT company like Infiniwiz. Doing so will also guarantee a level of quality and consistency in the management and maintenance of your cybersecurity technologies and best practices that can’t be achieved by you or someone on your staff trying to manage it all on their own.
Like this blog? Check out the following articles to learn more: