Security Checklist

Here is a summary of the 5 news releases issued with links to the respective checklists on IRS.gov.

The ‘Taxes-Security-Together’ Checklist

  1. Deploy the “Security Six” measures:  https://www.irs.gov/newsroom/tax-security-2-0-a-taxes-security-together-checklist-step-1
    1. Activate anti-virus software.
    2. Use a firewall.
    3. Opt for two-factor authentication when it’s offered.
    4. Use backup software/services.
    5. Use Drive encryption.
    6. Create and secure Virtual Private Networks.
  2. Create a data security plan:  https://www.irs.gov/newsroom/tax-security-2-0-a-taxes-security-together-checklist-step-2
    1. Federal law requires all “professional tax preparers” to create and maintain an information security plan for client data.
    2. The security plan requirement is flexible enough to fit any size of tax preparation firm, from small to large.
    3. Tax professionals are asked to focus on key risk areas such as employee management and training; information systems; and detecting and managing system failures.
  3. Educate yourself and be alert to key email scams, a frequent risk area involving:  https://www.irs.gov/newsroom/tax-security-2-0-a-taxes-security-together-checklist-step-3
    1. Learn about spear-phishing emails.
    2. Beware ransomware.
  4. Recognize the signs of client data theft:  https://www.irs.gov/newsroom/tax-security-2-0-a-taxes-security-together-checklist-step-4
    1. Clients receive IRS letters about suspicious tax returns in their name.
    2. More tax returns filed with a practitioner’s Electronic Filing Identification Number than submitted.
    3. Clients receive tax transcripts they did not request.
  5. Create a data theft recovery plan including:   https://www.irs.gov/newsroom/tax-security-2-0-a-taxes-security-together-checklist-step-5
    1. Contact the local IRS Stakeholder Liaison immediately.
    2. Assist the IRS in protecting clients’ accounts.
    3. Contract with a cybersecurity expert to help prevent and stop thefts.