IRS Safeguard's Rule Cyber Security Social Engineering Customer Data

Renew Your Tax ID Number & Secure Your Data

The Importance of Data Security

It’s time to renew your prepared tax identification number (PTIN) for 2020. A data security responsibilities statement was added to the PTIN renewal process. It was added to keep you aware of your legal obligation to have a data security plan and data protection for taxpayer information. This is due to the Safeguard Rule. The Safeguard Rule states, “financial institutions must protect the consumer information they collect.”

As cyber-criminals continue to attack CPA firms, data security becomes more important. Accounting firms have important and sensitive client information hackers can use to get access to accounts or sell on the dark web. As a result, 71% of cyber breaches are financially motivated, according to a Verizon report on cyber-attacks in 2019. Knowing that, it’s easy to see why the accounting industry is so appealing to a cyber-criminal. Moreover, they steal taxpayer information and file fraudulent tax returns that they benefit from.

IRS Safeguard's Rule Cyber Security Social Engineering Customer Data

Securing Your Data as a CPA

If you’re an accountant or part of CPA firm, don’t fret. There are a few things you could do throughout your day to minimize risk of vulnerability to these attacks and keep your clients safe in the process.

Protect all email accounts with strong passwords. 81% of company data breaches are due to poor passwords, according to another Version report. Cyber criminals, like many people don’t want to work hard, they want to work smart. Therefore, they try and find the simplest route to achieving their objective. This is to say, if their objective is to hack an account the first thing they aim to get access to is password information. For instance, protect email and work accounts by using longer, more complex passwords that use a mix of numbers letters and symbols. Multi factor authentication is an additional way to prevent password access. For example, Nerds Support’s cloud software partner “Workplace”, requires users to log in through their desktops and their mobile devices. If the user fails to confirm they’re attempting to log in to their account within a few seconds, access is denied entirely.

Download anti-phishing software programs that help fight against phishing scams. 92% of malware is delivered through email. In addition, there anti-phishing programs like “avast!” and “Google Safe Browsing” that check pages against potential threats.

Do not open or download any attachments from suspicious or unknown domains. Hackers often use personal information on social media to create the illusion that they’re either existing or potential clients.

Only send password-protected, encrypted documents when files are shared with client over email.

Always back up sensitive data, preferably in a secure external server.

Develop a detailed security plan for clients.

The rising popularity of Cloud Computing

These simple IT solutions for accounting firms won’t replace a secure network and infrastructure. Managed IT for CPA businesses is an investment that will protect a firm from an attack of any kind.  As a result, any accounting firms are choosing to adopt cloud services for CPA firms specifically due to regulation requirements.

Cloud computing has become a strategic investment for many accounting firms. It has real-time responsiveness, a secure and scalable infrastructure, and a multitude of services that adapt to industry specific requirements. Additionally, the cloud helps develop a security plan to ensure an accounting firm complies with the safeguard rule.

The standard for cloud accounting service providers is maintaining compliance. Cloud compliance is the principle that cloud providers must be complaint with standards that the cloud customer faces.

Working in the cloud gives organizations flexible, convenient and secure solutions but it also requires working closely with the cloud provider and IT services team. All cloud providers have something called a Service level agreement.  SLA’s cover things like quality of service, availability and responsibilities of the cloud provider . That is to say, it’s a contract between the cloud provider and the client. Look into SLA’s if and when choosing a service provider.

There is a rising emphasis on data security and protection, as we discussed in the opening paragraph. The cloud is a helpful opportunity to advance your IT infrastructure. Make sure you’re doing everything you can to secure your client’s sensitive data.

If you have any further questions, Contact Us and we’ll be sure to answer them swiftly!