Technology has made tax compliance a lot simpler and more efficient. I believe at some point, tax compliance and payment will be a just-in-time activity we can easily do from our smart phone or watch.
But, computer systems and networks need to be extremely secure due to the highly sensitive data and the thieves who work 24/7 to get the data. Just this week, the IRS alerted tax professionals of thieves and scammers trying to get control of practitioner computers to avail themselves of client tax data.
This is not the first warning from the IRS. A few times during 2016 the IRS warned tax professionals of scams aimed at obtaining their PTIN and client data. As part of the Security Summit, the IRS launched a campaign called – Protect Your Client: Protect Yourself, to bring greater awareness of threats and how to avoid them. One such scam involves thieves taking control of the practitioner’s computer and thus being able to obtain data from it.
The IRS encourages practitioners to review the security settings on their computers. In a 9/2/16 press release (IR-2016-119), the IRS recommends:
“In addition to activating security measures for tax software products, IRS urges all tax preparers to take the following steps:
- Run a security “deep scan” to search for viruses and malware;
- Strengthen passwords for both computer access and software access; make sure your password is a minimum of eight digits (more is better) with a mix of numbers, letters and special characters and change them often;
- Be alert for phishing scams: do not click on links or open attachments from unknown senders;
- Educate all staff members about the dangers of phishing scams in the form of emails, texts and calls;
- Review any software that your employees use to remotely access your network and/or your IT support vendor uses to remotely troubleshoot technical problems and support your systems. Remote access software is a potential target for bad actors to gain entry and take control of a machine.
In addition, the IRS recently issued instructions to tax professionals on how to monitor their PTIN activity.”
It's challenging enough for tax practitioners to work with the tax law and keep up to date with it. They also need to have a good foundation in technology and keep up to date to understand how to keep e-data secure and have appropriate technology set up for their tax practice.
What do you think?