It’s no secret that the accounting profession is a specific target for cybercriminals, especially during tax season. The risks get higher each year, which is why it is so critical to take a fresh look at your security protocols and make sure they are up to speed, and your team, clients, and third parties that you work with are all aware of how to keep themselves, your firm, and all relevant data secure. 

The IRS and its security partners recommend six specific steps you can take to comply with the latest regulations regarding client data and the Swizznet Obsessive Support® Team is here to help you implement them.

Use the following summary of the IRS Security Summit  “Security Six” recommendations to “deep six” cyberthreats and put the following best practices in place for your firm including a written data security plan to meet the IRS 4557 requirement.

1. Anti-virus software

Generally, anti-virus software scans computer files or memory for certain patterns that may indicate the presence of malicious software (also called malware). It is recommended to complete the following scans regularly:

When selecting an antivirus package, tax professionals should learn about its features, so they know what to expect. Remember, keep security software set to automatically receive the latest updates so that it is always current.

2. Firewalls

Firewalls provide protection against outside attackers by shielding a computer or network from malicious or unnecessary web traffic and preventing malicious software from accessing systems. Firewalls may be broadly categorized as hardware or software. While both have their advantages and disadvantages, the decision to use a firewall is far more important than deciding which type used:

Firewalls primarily help protect against malicious traffic, not against malicious programs (malware), and may not protect the device if the user accidentally installs malware or falls for email phishing scams. 

3. Two-factor authentication

The use of two-factor authentication and even three-factor authentication is on the rise, and you should always opt for a multi-factor authentication protection when it is offered, whether on an email account, tax software account or any password-protected product to prevent their accounts from being taken over by cybercriminals and putting their clients and colleagues at risk.

Two-factor authentication helps by adding an extra layer of protection beyond a password. Often two-factor authentication means the returning user must enter credentials (username and password) plus another step, such as entering a security code sent via text to a mobile phone. 

4. Backup software/services

Critical files on computers should routinely be backed up to external sources. This means a copy of the file is made and stored either online as part of a cloud storage service or a copy of the file is made to an external hard drive. You should ensure that client data is backed up and also encrypted – for the safety of the taxpayer and the tax pro.

5. Drive Encryption

Given the sensitive client data maintained on tax practitioners’ computers, users should consider drive encryption software for full-disk encryption. Drive encryption, or disk encryption, transforms data on the computer into unreadable files for an unauthorized person accessing the computer to obtain data. Drive encryption may come as a stand-alone security software product. It may also include encryption for removable media, such as a thumb drive and its data.

6. Virtual Private Network

This is critical for practitioners who work remotely. If a tax firm’s employees must occasionally connect to unknown networks or work from home, establish an encrypted Virtual Private Network (VPN) to allow for a more secure connection. A VPN provides a secure, encrypted tunnel to transmit data between a remote user via the Internet and the company network. Search for “Best VPNs” to find a legitimate vendor; major technology sites often provide lists of top services.

How to meet the IRS4557 requirements for “Security Six”

All accounting and tax professionals also should review their professional insurance policy to ensure the business is protected should a data theft occur. If you put off upgrading your tech stack in 2021, do it now to support your new remote or hybrid work environment. 

Pre-pandemic, remote workers tended to be the exception, so network security and access were managed from an in-office perspective. Now, enabling staff to access a secure, virtual desktop through devices that have antivirus (AV), endpoint detection and response (EDR) and multifactor authentication (MFA) allows them to be productive while giving the organization a stronger cybersecurity defense.

Take time now for a tax season cyber security reality check to prevent a busy season business interruption. 

Putting these steps in place will help to reduce your firm’s immediate exposure to cyber threats during the busy tax season and beyond. Now is the time to do a pre-tax season cyber security audit to make sure you have all of your bases covered. This is where the team from Swizznet can provide guidance and break down the components of a solid cyber security strategy designed specifically for your accounting firm. They can also help identify gaps in your current strategy which may need your attention. 

Remember, the best offense against mounting cyber security threats is a strong offense. At Swizznet, their Obsessive Support® will ensure your accounting firm has the best possible protection and expertise available to keep your remote teams and practice running as efficiently and securely as possible. Join us for a webinar on Nov. 9 to get all of your Security Six bases covered!!

 

The right tech stack can really alleviate stress, save time, and maximize your firm’s throughput, but only if you have a clear vision for each solution you are using. There’s a buffet of options out there, that’s for sure, and they all cost either time to implement or money to buy (or both) so it can be stressful to even think about which solutions to use. I get it and I want to help, that’s why I am sharing my softball strategy to help you build a tech stack that works with your firm not against it!

Imagine if hitting a home run when it comes to the profitability of your practice was as easy as watching a ball game. To me, it really is—running a profitable and highly efficient accounting, bookkeeping or tax practice is no different than coaching a softball (or baseball) team. Here’s a brief overview of how you can use softball strategy to knock it out of the park when it comes to your practice productivity and profitability, too. 

You see, in softball, you have positions on your team that you have to fill. In addition, you have players that you need to recruit to fill those positions.  Let’s stick with the defensive side of the game.  You have a pitcher, catcher, first baseman, second baseman, etc. Imagine if hitting a home run when it comes to the profitability of your practice was as easy as watching a ball game. To me, it really is—running a profitable and highly efficient accounting, bookkeeping or tax practice is no different than coaching a softball (or baseball) team. Here’s a brief overview of how you can use softball strategy to knock it out of the park when it comes to your practice productivity and profitability, too. nd baseman, third baseman, shortstop, left fielder, center fielder, and right fielder.

As a coach, you need to know what the positions are and you need to seek the most talented players to fill those positions.  From an accounting, bookkeeping, or tax  practice perspective the game really is no different. You have certain positions to fill in order to run your firm, to create an amazing client experience, and to complete client work.  

Every accounting firm has some positions that are necessary no matter what you provide for services. Then there are the tools you need that are specific to the services you provide. In other words, in order to pick the right software, you need to also accept that no one piece of software is going to solve everything.

Here are the solutions that I have chosen (Click on the name of each one below to get the overview of benefits):

ADP

Bookkeep

Canopy

Fishbowl

Jirav

Liscio

Smartvault

Swizznet

Truly Financial

Veem

However, you really need to choose your own based on your needs and by looking at the solutions and how they align with the problems you are trying to solve. Start by downloading the Team Brolin Starting Lineup Playbook here.

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram