Back to top

Protect Yourself From Identity Theft

7/12/2016
Writtin by: Paul Bogdanoff, CPA and Tim Dages, CPA

Recently the IRS Commissioner, John Koskinen, held a Security Summit with IRS officials, state tax agencies and the tax community. One of the results of this summit was the IRS has announced that an expanded public awareness campaign aimed at making business aware of the need to focus on securing sensitive data. 

Because of the sensitive data held by business, cybercriminals are targeting business, using a number of tactics such as phishing scams and remote computer takeovers. Business that maintain, share, store or transmit sensitive personal data may have a legal responsibility to safeguard the sensitive personal data.

Business should review their administrative practices, computer security, facility protection, information and personnel information systems.

Steps that should be taken include:

  • Insure that sensitive personnel data that is left on a server or in the cloud is never left unsecured.
  • Securely dispose of sensitive data.
  • Require strong passwords that include:
    • Changed regularly
    • 12 characters or longer
    • A mixture of upper and lower case letters, numbers or symbols
    • Not a common word or proper noun
    • Not the names of your spouse, children, pets or other personal information
  • Emails that are sent that contain personnel information should be encrypted or a portal is used.
  • Store sensitive data in a secure system and encrypted when being transmitted across networks.
  • Paper documents, computer disks, flash drives and other media that contain sensitive data are kept in a secure location and access is restricted to authorized users.
  • Terminate access to data for anyone that is no longer employed.
  • Complete a risk assessment to identify risks and potential impact of unauthorized access.
  • Write an Information Security plan.

 

Cybercriminals use sensitive personal data to scam taxpayers. The Bogdanoff Dages team has continued to have conversations with clients regarding suspicious phone calls or communications. So, remember that if you are contacted by someone claiming to be an agent of the IRS or another tax authority, take caution.Feel free to contact Bogdanoff Dages and Co., P. C. to answer your questions or review any correspondence you may have received.