The IRS and the Security Summit recently released their basic “Security Six” protections that everyone should follow, but placed a special emphasis on the need for tax professionals who are handling sensitive data to adhere to basic security protocols. The IRS Commissioner, Chuck Rettig, stated “The Security Summit partners urge tax professionals to take time this summer to give their data safeguards a thorough review and ensure that these precautions are in place whether they work from home or the office.”
The “Security Six” are:
- Anti-Virus Software – Utilize a trusted Anti-Virus Software and set it to Auto Update. Remember, never click on links within pop-up windows, never download “Free” software from a pop-up window and never follow email links that offer anti-spyware software.
- Firewalls – Firewalls can be categorized as hardware or software. Each has its own advantages, but both provide protection against outside attackers.
- Two-Factor Authentication – Always use two-factor authentication when it is an option, because it really is not even an “option.” It’s mandatory!
- Backup Software/services – Back up your files to an external source and make sure it is encrypted.
- Drive encryption – Tax and accounting professionals have a lot of very sensitive client data and it is the responsibility of the professional to ensure that data is safe. Drive encryption transforms data into unreadable files for unauthorized users and is a must for every professional.
- Virtual Private Network – If you are working remotely, you need to establish an encrypted VPN to provide security, especially in the current Work From Home business environment.
In addition to the “Security Six” outlined above, the IRS and Security Summit partners also recommend that tax professionals review their professional insurance policy to ensure the business is protected in the event of a data theft.
The information included in this article was originally published on IRS.gov.