When it comes to protecting the vital data of your business and your clients, it all comes down to people.
Cybersecurity experts refer to what they call the 90/10 Rule: Ten percent of cybersecurity relies on technology; the remaining 90 percent is up to users.
With the IRS reporting data breaches among tax professionals at the rate of three to five a week, no one can afford to ignore cybersecurity for their tax business.
Don’t Take the Bait
Making daily security a priority is part of the “Don’t Take the Bait” campaign, a 10-part series aimed at tax professionals. The IRS, state tax agencies and the tax industry, working together as the Security Summit, urge practitioners to work to protect their clients and themselves from cybersecurity threats. This is part of the ongoing Protect Your Clients; Protect Yourself effort.
“Tax professionals should not overlook the importance of protecting their systems and their data,” said IRS Commissioner John Koskinen. “Cybercriminals are increasingly targeting the tax community and tax practitioners play a critical role in helping safeguard their client data as well as their own. Taking a few critical steps can help tax professionals avoid a devastating situation for their business and the taxpayers they serve.”
The level of data security within your office is only as strong as the least-informed employee. And security awareness can’t just stop at your front door; it should extend all the way home. The IRS is well aware of instances where a breach of a tax preparer’s data system actually started at the home of an employee working remotely.
Where to Start?
If you don’t already have a plan from a qualified cybersecurity expert, take a look at the small business guide from the National Institute of Standards and Technology (NIST), a division of the U.S. Department of Commerce. The guide is over 50 pages long.
Taxing Subjects readers can get their copy of a more condensed set of NIST recommendations here: