At a time when having a written data security plan is required of tax professionals by the Federal Trade Commission, the importance of protecting the financial information collected from tax clients cannot be understated. Even if tax professionals weren’t handed that dictum from the FTC, let’s not forget that identity thieves have redoubled their efforts in recent years.
Since paid tax return preparers have increasingly been the target of a variety of scams designed to access client databases, the IRS and tax industry leaders created the Security Summit to address this growing problem. For its part, GruntWorx will be implementing an optional security feature to help customers better protect their accounts from data thieves.
This coming tax season, GruntWorx will support three types of two-factor authentication to protect user accounts on login, meaning that customers will be able to choose the one that best suits their office: an authenticator application, email, or SMS service (like a text message).
You may be more familiar with email- and SMS-based varieties, which function a lot like the emails and text messages generated whenever you reset an email account’s password: when trying to log into GruntWorx, you’ll get an email or text message containing the random, temporary code you need to enter in addition to your password before accessing your account.
If you want two-factor authentication but don’t like the idea of getting an email or text, consider getting a GruntWorx-supported app, like Google Authenticator. To use it, just download the app to your computer or mobile device, follow the GruntWorx-provided setup instructions, and open the application to see the code.
While two-factor authentication is optional, consider the danger a data breach poses to your business and clients. Aside from cybercriminals bilking the government of millions of dollars, some scams—like the recent phishing scam where criminals actually deposited the fraudulently acquired refund money in taxpayers’ accounts before trying to convince victims to send the money back to “the IRS”—can result in taxpayers getting a double-whammy tax bill in April if they have to pay back the amount stolen by fraudsters on top of their actual tax liability.