Why Protecting Your Tax Data Is More Important than Ever

Why Protecting Your Tax Data Is More Important than Ever

For individuals and many businesses, Tax Day is April 18 this year – and while it isn’t necessarily a celebration for most, completing returns on time can be immensely satisfying…and a huge relief. However, in recent years a disturbing new trend is on the rise – cybercrime relating to tax returns and tax-related data. For its victims, Tax Day represents inconvenience and loss.

Every year, in the run-up to the tax filing deadline, data breaches are becoming more frequent and larger in scope. With Tax Day approaching, businesses and individual filers should be aware that the sensitive data they are required to submit to the IRS may not be as secure as they may assume. For example:

  • In August 2015, the IRS was sued by taxpayers after it fell prey to a massive data breach affecting 330,000 people. Hackers reportedly stole personal information including Social Security numbers and accessed completed tax returns from the IRS. Multiple reports suggest that thieves were able to use this information to steal more than $50 million in federal funds.
  • Later, in February 2016, the IRS reported that the data breach was more than twice as big as initially realized. Instead of 330,000, the IRS reported that the data breach may have affected more than 700,000 victims.

Those affected are undoubtedly still feeling the effects from this theft, and we have learned the hard way that the IRS is not immune to cybertheft. As businesses and individuals increasingly file taxes and reports online, data breaches are becoming more common. This is especially true in the first quarter of the year, leading up to Tax Day, when more online financial activity occurs, and criminals know there is valuable, and, in some cases, easily obtainable information being transmitted to and from the IRS. A recent survey conducted by Impulse Research Group on behalf of Experian showed that almost half of respondents filed their own taxes electronically, another 20 percent file taxes by mail, and 30 percent file taxes with the help of a tax professional. As a result, information can be redirected without the knowledge of the individual.

A critical first step to preventing tax-related identity theft is to ensure that tax documents are securely stored and archived and that proper destruction of documents takes place after the period of limitations for a return runs out, usually three years per IRS guidelines. In addition, businesses should protect from phishing scams by educating employees on proper handling of documents that contain Social Security and tax ID numbers, as well as any sensitive employee data. Suspicious emails shouldn’t be opened; instead, users should go directly to the source, such as IRS.gov, rather than opening unsolicited emails or clicking on random links. Employees should also be trained to never respond to unsolicited requests for business or personal data of any kind, and companies should request removal from solicitation lists for business loans, credit cards and lines of credit – and those solicitation documents should be destroyed.

Cybersecurity is paramount, and businesses should use encrypted electronic payment forms, rather than paper, whenever possible. Electronic banking and transaction networks are inherently more secure than postal mail or fax and should be used as part of an overall IT security chain. For businesses of ANY size, including small- to medium-sized businesses, key elements of the security chain should encompass:

  • Encrypted communication – Via Virtual Private Network tunneling, to prevent sensitive traffic from going across the public internet, and protecting endpoints like laptops and desktops.
  • Encryption “retention”– Smartphones, hard drives and computers can contain sensitive information; when full disk encryption is in place, it prevents access to this information. However, as old equipment is discarded, encryption should be kept in place to protect the data on those devices.
  • Protection of data in transit and in the cloud – Leveraging full disk encryption to ensure that even if thieves intercept data, they can’t do anything with it.
  • Multi-factor authentication – Multi-tiered user authentication that makes it harder for an impostor to hijack login credentials and access data.
  • Firewalls – For blocking unauthorized access to company networks and systems, preventing data breaches and installation of viruses, malware and other code designed to steal sensitive information.

Overall, consumers and businesses should not underestimate the value of personal data. The unfortunate fact is that there is a thriving criminal market for this information, and cybercriminals are increasingly sophisticated. Tax season reminds us to be vigilant about data protection in order to prevent damage to businesses and personal finances – not to mention avoiding the stressful administrative headaches associated with data breaches. Doing as much as possible to secure data and keep personal identifying information safe – physically and electronically, including via the IT security chain – reduces the chance that even a successful data breach can do harm and ultimately protects and even enhances trust. And that is invaluable.


Featured

  • Trends Keeping an Eye on Business Decisions

    Today, AI continues to transform the way data is used to make important business decisions. AI and the cloud together are redefining how video surveillance systems are being used to simulate human intelligence by combining data analysis, prediction, and process automation with minimal human intervention. Many organizations are upgrading their surveillance systems to reap the benefits of technologies like AI and cloud applications. Read Now

  • The Future is Happening Outside the Cloud

    For years, the cloud has captivated the physical security industry. And for good reason. Remote access, elastic scalability and simplified maintenance reshaped how we think about deploying and managing systems. But as the number of cameras grows and resolutions push from HD to 4K and beyond, the cloud’s limits are becoming unavoidable. Bandwidth bottlenecks. Latency lags. Rising storage costs. These are not abstract concerns. Read Now

  • Right-Wing Activist Charlie Kirk Dies After Utah Valley University Shooting

    Charlie Kirk, a popular conservative activist and founder of Turning Point USA, died Wednesday after being shot during an on-campus event at Utah Valley University in Orem, Utah Read Now

  • The Impact of Convergence Between IT and Physical Security

    For years, the worlds of physical security and information technology (IT) remained separate. While they shared common goals and interests, they often worked in silos. Read Now

  • Unlocking Trustworthy AI: Building Transparency in Security Governance

    In situations where AI supports important security tasks like leading investigations and detecting threats and anomalies, transparency is essential. When an incident occurs, investigators must trace the logic behind each automated response to confirm its validity or spot errors. Demanding interpretable AI turns opaque “black boxes” into accountable partners that enhance, rather than compromise, organizational defense. Read Now

New Products

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.