The Oceanside Chamber of Commerce
The Oceanside Chamber's

Member News

Oceanside Chamber of Commerce
  • Oceanside
    • About Oceanside >
      • History of Oceanside
      • Demographics
      • Arts and Culture
      • Education
      • Employment
      • Health Care
      • Religious Organizations
      • Local Government and Services
      • Retiring in Oceanside
      • Oceanside Maps
    • Visitor Information >
      • Beaches
      • Accommodations
      • Groups and Meeting
    • Things to Do >
      • Oceanside Events >
        • Downtown History Walks
        • Farmers Market
        • Sunset Market
      • Shopping >
        • Coupons
      • Dining
      • Surfing
      • Regional Attractions
    • Volunteer Opportunities
  • Business Directory
    • All Categories
    • Coupons
    • New Members
  • Media
    • Publications >
      • Advertising Your Business
      • Best of Oceanside Magazine
      • Military Publications
    • Member News
    • Blog
    • Advancing Oceanside Podcast
  • Chamber
    • Membership >
      • Member Portal
      • Application
      • Testimonials >
        • Digital Plaque - Oceanside Chamber Member
    • Advocacy >
      • Chamber Political Action Committee
      • Public Policy Guidelines
    • Our Work >
      • 2023 Annual Report
      • 2023 Strategic Priorities
      • Committees - Task Forces - Forums
    • Oceanside Young Professionals
    • Oceanside Leadership Academy
    • Workforce Development >
      • SOCAL Workforce
      • Pooled Employer Plan
      • Kindness
      • Frontline Friendly
    • Our Team >
      • Chamber Staff
    • Chamber Trip: Sights of Scotland
    • Privacy Policy
  • Events
    • Signature Chamber Events >
      • Meet the City of Oceanside
      • Armed Forces Day Operation Appreciation
      • Coastal Business Expo
      • North County Health Fair
      • Heroes of Oceanside and Camp Pendleton
      • Oceanside Senior Showcase
      • Rising Star Student Program
    • Monthly Chamber Events
    • Annual OCC Mixer Passs
    • Oceanside Community Events
  • Resources
    • Community Resources
    • Local Business Resources
    • Military Resources
    • Sustainability Resources

IRS, states and industry outline ‘Security Six’ protections to help tax professionals and taxpayers be safer online

8/19/2019

 
Picture
Using a new “Taxes-Security-Together” Checklist, the Internal Revenue Service and the Security Summit partners urged tax professionals to review critical security steps to ensure they are fully protecting their computers and email as well as safeguarding sensitive taxpayer data.
The Security Summit partners – the IRS, states and tax industry – urge tax professionals to take time this summer to give their data safeguards a thorough review. To help the tax community, the Summit created a “Taxes-Security-Together” Checklist as a starting point for analyzing office data security.

In the first of a five-part weekly series, the initial step on the checklist involves the “Security Six” protections. These steps fall into several major security categories.

“These six steps are simple actions that anyone can take,” said IRS Commissioner Chuck Rettig. “The important thing to remember is that every tax professional, whether a sole practitioner or a partner in a large firm, is a potential target for cybercriminals. No tax business should assume they are too small or too smart to avoid identity thieves.”

Although the Security Summit – a partnership between the IRS, states and the private-sector tax community – is making major progress against tax-related identity theft, cybercriminals continue to evolve, and data thefts at tax professionals’ offices continue. Thieves use stolen data from tax practitioners to create fraudulent returns that are harder to detect.

The Security Summit partnership urges tax professionals across the nation to remember these basic steps to help in the battle against identity theft.

Deploy the ‘Security Six’ steps for basic protections
The following are the basic protections that everyone, especially tax professionals handling sensitive data, should deploy:

  1. Anti-virus software - Although details may vary between commercial products, anti-virus software scans computer files or memory for certain patterns that may indicate the presence of malicious software (also called malware). Anti-virus software (sometimes more broadly referred to as anti-malware software) looks for patterns based on the signatures or definitions of known malware from cyber criminals. Anti-virus vendors find new issues and update malware daily, so it is important that people have the latest updates installed on their computer, according to the U.S. Computer Emergency Readiness Team (US-CERT), a division of the Department of Homeland Security. Once users have installed an anti-virus package, they should scan their entire computer periodically by doing:
  • Automatic scans – Most anti-virus software can be configured to automatically scan specific files or directories in real time and prompt users at set intervals to perform complete scans.
  • Manual scans – If the anti-virus software does not automatically scan new files, users should manually scan files and media received from an outside source before opening them. This manual process includes:
    • Saving and scanning email attachments or web downloads rather than opening them directly from the source.
    • Scanning portable media, including CDs and DVDs, for malware before opening files.

Sometimes the software will produce a dialog box with an alert that it has found malware and asks whether users want it to “clean” the file (to remove the malware). In other cases, the software may attempt to remove the malware without asking first.

When selecting an anti-virus package, users should learn about its features, so they know what to expect. Keep security software set to automatically receive the latest updates so that it is always current.

A reminder about spyware, a category of malware intended to steal sensitive data and passwords without the user’s knowledge: Strong security software should protect against spyware. But remember, never click links within pop-up windows, never download “free” software from a pop-up, never follow email links that offer anti-spyware software. The links and pop-ups may be installing the spyware they claim to be eliminating.

A reminder about phishing emails: A strong security package also should contain anti-phishing capabilities. Never open an email from a suspicious source, click on a link in a suspicious email or open an attachment – or else you could be a victim of a phishing attack and you and your clients’ data could be compromised
  1. Firewalls - Firewalls provide protection against outside attackers by shielding your computer or network from malicious or unnecessary web traffic and preventing malicious software from accessing your systems. Firewalls can be configured to block data from certain suspicious locations or applications while allowing relevant and necessary data through, according to US-CERT.
Firewalls may be broadly categorized as hardware or software. While both have their advantages and disadvantages, the decision to use a firewall is far more important than deciding which type you use:
  • Hardware – Typically called network firewalls, these external devices are positioned between a computer and the internet (or another network connection). Hardware-based firewalls are particularly useful for protecting multiple computers and control the network activity that attempts to pass through them.
  • Software – Most operating systems include a built-in firewall feature that should be enabled for added protection even if using an external firewall. Firewall software can also be obtained as separate software from a local computer store, software vendor or ISP. If downloading firewall software from the internet, make sure it is from a reputable source (such as an established software vendor or service provider) and offered via a secure website.

While properly configured firewalls may be effective at blocking some cyber-attacks, don’t be lulled into a false sense of security. Firewalls do not guarantee that a computer will not be attacked. Firewalls primarily help protect against malicious traffic, not against malicious programs (malware), and may not protect the device if the user accidentally installs malware. However, using a firewall in conjunction with other protective measures (such as anti-virus software and safe computing practices) will strengthen resistance to attacks.

The Security Summit reminds tax pros that anti-virus software and firewalls cannot protect data if computer users fall for email phishing scams and divulge sensitive data, such as usernames and passwords. The Summit reminds the tax community that users, not the software, is the first-line of defense in protecting taxpayer data.
  1. Two-factor authenticationMany email providers now offer customers two-factor authentication protections to access email accounts. Tax professionals should always use this option to prevent their accounts from being taken over by cybercriminals and putting their clients and colleagues at risk.
Two-factor authentication helps by adding an extra layer of protection beyond a password. Often two-factor authentication means the returning user must enter credentials (username and password) plus another step, such as entering a security code sent via text to a mobile phone. The idea is a thief may be able to steal the username and password but it’s highly unlikely they also would have a user’s mobile phone to receive a security code and complete the process.

The use of two-factor authentication and even three-factor authentication is on the rise, and tax preparers should always opt for a multi-factor authentication protection when it is offered, whether on an email account or tax software account or any password-protected product.

IRS Secure Access, which protects IRS.gov tools including e-Services, is an example of two-factor authentication.

Tax pros can check their email account settings to see if the email provider offers two-factor protections.
  1. Backup software/services - Critical files on computers should routinely be backed up to external sources. This means a copy of the file is made and stored either online as part of a cloud storage service or similar product. Or, a copy of the file is made to an external disk, such as an external hard drive that now comes with multiple terabytes of storage capacity. Tax professionals should ensure that taxpayer data that is backed up also is encrypted – for the safety of the taxpayer and the tax pro.
  2. Drive encryption - Given the sensitive client data maintained on tax practitioners’ computers, users should consider drive encryption software for full-disk encryption. Drive encryption, or disk encryption, transforms data on the computer into unreadable files for an unauthorized person accessing the computer to obtain data. Drive encryption may come as a stand-alone security software product. It may also include encryption for removable media, such as a thumb drive and its data.
  3. Virtual Private Network - If a tax firm’s employees must occasionally connect to unknown networks or work from home, establish an encrypted Virtual Private Networks (VPN) to allow for a more secure connection. A VPN provides a secure, encrypted tunnel to transmit data between a remote user via the Internet and the company network. Search for “Best VPNs” to find a legitimate vendor; major technology sites often provide lists of top services.


How to get started with the ‘Security Six’ All tax professionals also should review their professional insurance policy to ensure the business is
protected should a data theft occur. Some insurance companies will provide cybersecurity experts for their clients.

These experts can help with technology safeguards and offer more advanced recommendations.

Having the proper insurance coverage is a common recommendation from tax professionals who have experienced data thefts.


Additional resources

Tax professionals also can get help with security recommendations by reviewing the recently revised IRS Publication 4557, Safeguarding Taxpayer Data, and Small Business Information Security: the Fundamentals by the National Institute of Standards and Technology. Publication 5293, Data Security Resource Guide for Tax Professionals, provides a compilation data theft information available on IRS.gov. Also, tax professionals should stay connected to the IRS through subscriptions to e-News for Tax Professionals and Social Media.

The Taxes-Security-Together Checklist

During this special Security Summit series, the checklist highlights these key areas for tax professionals:
  • Deploy “Security Six” basic safeguards
  • Create data security plan
  • Educate yourself on phishing scams
  • Recognize the signs of client data theft
  • Create a data theft recovery plan, and call the IRS immediately

Comments are closed.
    SEARCH NEWS ARCHIVES
    CALCHAMBER NEWS
    ​
    CalChamber Alerts
    CalChamber Advocacy
    CalChamber HR
    Chamber Blog

    news Categories

    All
    Arts & Culture
    BGOC
    Business Advocacy
    Business Workshops
    Careers
    Charitable Events
    Christmas
    City Of Oceanside News
    Coastal Communities
    Community News
    Consumer Column
    COVID 19
    Cox Communications
    CSUSM
    Education
    Electricity
    Events
    Finance
    Frontwave
    Halloween
    Health & Wellness
    Housing
    Kaiser Permanente
    Kids Event
    Local Events
    Local News
    Medical
    Member News
    Military
    MiraCosta Community College
    Networking
    Non Profit
    North County News
    Oceanside Business
    Oceanside Events
    Oceanside News
    Oceanside Public Library
    Political Scene
    Promotions
    Restaurants
    Retail
    Safety
    San Diego County Event
    San Diego County News
    Scripps News
    SDG&E
    SDGE
    Senior Citizens
    Small Business News
    Tax News
    Things To Do
    Transportation
    Tri City News
    Valentine's Day
    Veterans
    Workforce Development

    ​RECENT NEWS

    December 2024
    November 2024
    October 2024
    September 2024
    July 2024
    June 2024
    May 2024
    April 2024
    March 2024
    February 2024
    January 2024
    December 2023
    November 2023
    October 2023
    September 2023
    August 2023
    July 2023
    June 2023
    May 2023
    April 2023
    March 2023
    February 2023
    January 2023
    December 2022
    November 2022
    October 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018

    RSS Feed

Copyright © 2023 Oceanside Chamber of Commerce
928 N. Coast Highway | Oceanside, CA 92054
Tel 760-722-1534 
[email protected]
Privacy Policy
Map/Directions
Picture
  • Oceanside
    • About Oceanside >
      • History of Oceanside
      • Demographics
      • Arts and Culture
      • Education
      • Employment
      • Health Care
      • Religious Organizations
      • Local Government and Services
      • Retiring in Oceanside
      • Oceanside Maps
    • Visitor Information >
      • Beaches
      • Accommodations
      • Groups and Meeting
    • Things to Do >
      • Oceanside Events >
        • Downtown History Walks
        • Farmers Market
        • Sunset Market
      • Shopping >
        • Coupons
      • Dining
      • Surfing
      • Regional Attractions
    • Volunteer Opportunities
  • Business Directory
    • All Categories
    • Coupons
    • New Members
  • Media
    • Publications >
      • Advertising Your Business
      • Best of Oceanside Magazine
      • Military Publications
    • Member News
    • Blog
    • Advancing Oceanside Podcast
  • Chamber
    • Membership >
      • Member Portal
      • Application
      • Testimonials >
        • Digital Plaque - Oceanside Chamber Member
    • Advocacy >
      • Chamber Political Action Committee
      • Public Policy Guidelines
    • Our Work >
      • 2023 Annual Report
      • 2023 Strategic Priorities
      • Committees - Task Forces - Forums
    • Oceanside Young Professionals
    • Oceanside Leadership Academy
    • Workforce Development >
      • SOCAL Workforce
      • Pooled Employer Plan
      • Kindness
      • Frontline Friendly
    • Our Team >
      • Chamber Staff
    • Chamber Trip: Sights of Scotland
    • Privacy Policy
  • Events
    • Signature Chamber Events >
      • Meet the City of Oceanside
      • Armed Forces Day Operation Appreciation
      • Coastal Business Expo
      • North County Health Fair
      • Heroes of Oceanside and Camp Pendleton
      • Oceanside Senior Showcase
      • Rising Star Student Program
    • Monthly Chamber Events
    • Annual OCC Mixer Passs
    • Oceanside Community Events
  • Resources
    • Community Resources
    • Local Business Resources
    • Military Resources
    • Sustainability Resources