Make a Referral
Refer a company to BenefitMall
Press & Media Center
Get all the facts and information you need
Video Library
Watch our latest videos and demos on our new video library
Coding

Are You Adequately Protecting Employee Data? Take A Look at the “Security Six”

The IRS and its Security Summit partners – a coalition of federal agencies and private industry – have a new checklist for professionals who use, manage and store sensitive taxpayer information. 

With all the progress that’s been made in the past few years to reduce tax refund scams and identity theft, the criminals continue to find ways to steal information.

It makes sense for payroll and HR leaders to review security steps, since you constantly handle sensitive data – not only Social Security numbers and confidential salary information, but other personal data about your employees. 

Here are the “Security Six” steps:

1. Use anti-virus software to scan computer files or memory for certain patterns that may indicate the presence of malicious software, or “malware.” Anti-virus software is “updated daily,” according to the IRS, because criminals try to stay one step ahead. It is crucial to install and run the latest updates of your software. 

2. Make sure you have a firewall for protection against outside attackers. A firewall will shield your computers and networks from malicious or unnecessary web traffic to help prevent malicious software from accessing the user’s system.

3. Use two-factor authentication to add a layer of protection. Return users to a login system and enter credentials like a username and password; the next step is to enter a security code.

4. Routinely employ backup software or services to back up critical files on computers and hard drives to external sources.

5. Consider drive encryption, also known as disk encryption, to transform data into unreadable files, so only authorized users can access the data.

6. Use a virtual private network, especially if you or members of your team work from home or other sites. A VPN provides a secure, connection to transmit data between a remote user and the company’s network.

If you are not directly responsible for some of these items, please consider passing this information along to your IT team, security consultant or other stakeholders. 

Additional resources:

IRS Security Summit homepage
Publication 4557, Safeguarding Taxpayer Data: A Guide For Your Business
Small Business Information Security: The Fundamentals by the National Institute of Standards and Technology
Publication 5293, Data Security Resource Guide for Tax Professionals
Identity Protection: Prevention, Detection and Victim Assistance
Tax Scams/Consumer Alerts


Share:

Add your comment

 
 

 

Syndication

Subscribe Me

Enter your email address:

Delivered by FeedBurner

Archive

First Name
Last Name
Company
Email
Phone #
Zip Code
# of Employees