It’s July, and that means firing up the grill and staring at elaborate, choreographed pyrotechnic displays. It also means taking classes to earn CPE and thinking ahead to filing season.
Don’t neglect data security in the off-season!
Since 2015, the Security Summit has been raising awareness of pitfalls tax professionals and taxpayers face. One thing the summit reiterates year after year? Tax-related phishing scams are no longer confined to a January-to-April schedule.
While it’s certainly important to batten down the hatches during tax season, data security needs to be a year-round effort. Even if you’re not actively trying to secure your data, you can rest assured that cyber criminals are working hard to break into your network to file fraudulent tax returns and sell private information on Dark Web auctions.
OK, so how do I secure my data?
One of the first things you should do to address data security in your tax office is train everyone—from partners to front-desk employees—to avoid phishing scams. That means watching the news for emergent scams and understanding tried-and-true tactics.
If you weren’t expecting an email from a potential client, don’t click links in an email soliciting your services. In fact, some offices have developed a don’t-click-any-attachments policy, since spear-phishing strategies often impersonate employees and management staff. Offices that rely on digital communication with clients can sign up for client-facing portal services to securely transmit private information and tax documents.
Password hygiene is another issue that tends to plague almost everyone connected to the Internet. You should have a unique password for every online account, period. If you’re someone who has several different email addresses and subscribes to numerous online services, that can seem like a daunting task. Luckily, there are password manager services that can help you create secure, unique passwords.
Finally, you need to update your software. Whether it’s installing the most recent Windows patch or allowing Steam to update those 53 games in your backlog that you’re probably never going to play, neglecting application updates opens your computer to security flaws. I bring up the WannaCry ransomware attack so often for a good reason: it was a successful attack because people neglected operating system updates.