The financial services industry is perhaps the most targeted by hackers because of the value of data it possesses. Hackers, also known as cybercriminals, are after people's personal and financial information. Those in the financial industry who are most frequently targeted during tax season are tax pros and CPAs since they possess the personal and financial information of their clients.
By law, tax preparers are required to provide protection as outlined in the Financial Services Act of 1999. Keeping up with the strategies of cybercriminals is a difficult task, as they are always inventing new and efficient strategies to gain information. As tax season begins, financial professionals can expect these activities to increase because of the high level of online activity that frequently leaves data unprotected despite best efforts.
Regardless of the size of your practice, you can be a target. Most small- and medium-sized businesses don’t believe they’re targets. In fact, they think it’s only a big business or government problem but that’s not the case since two-thirds of all small- and medium-sized businesses are attacked in a 12-month period.
There are steps you can take as a tax pro or CPA to make sure you are not the victim of a hacker during this tax season. Today the Rules of Thumb blog from MoneyThumb would like to share 5 ways tax pros and CPAs can avoid being targeted by cybercriminals as suggested by data security specialist Jess Coburn, President/Founder of Applied Innovations. All 5 steps involve working closing with your IT professional:
- Enable Multifactor authentication on your email and critical systems. This includes your email service, your file sharing service, and any financial systems you may access. You can visit www.twofactorauth.org for instructions on how to enable this on your different services and systems.
- Beef up your email security. Many businesses today leverage services like Office 365 or Google’s G Suite and while these have good spam protection and virus protection there are better systems. Consider Office 365 ATP that automatically alerts users when an email is suspected of phishing. It scans any links in the emails at the time you click the link and attachments are actually opened and executed on secure computers to monitor their activity before they are provided to you.
- Avoid Password/User Name Reuse and monitor the “dark web” for leaked credentials. Today most users have the same password everywhere and hackers know this. It’s only a matter of time before hackers try these credentials on other services like your bank, your mail server, your Dropbox account or your Facebook page. Password Managers are great tools to make it easy to maintain strong passwords.
- Monitor your network for remote connectivity, abnormal user activity and other red flags like large amounts of data transfer or changes. This may sound like a daunting task but artificial intelligence is very effective. While it is common during tax season for an accountant to log in and work at 3 a.m. it is probably not normal that he’s logging in from Uzbekistan, especially after typing in the wrong password 300 times. Conditional Access in Office 365 and Cloud App Security are effective protections. They are affordable or already included in your existing subscription and not in use.
- Lastly Backup. Despite hackers growing sophistication, backup systems remain the most important protection against total data loss. Follow the “3,2,1 rule of backup”
- Maintain 3 copies of your data
- In 2 different storage media
- Keep 1 of them off-site at all times
Now is the time to act by sitting down with your IT professional and analyzing your vulnerability to cyber-crime efforts before tax season really heats up.
As a final note, rest assured that the CPAs and other tax pros that use MoneyThumb PDF financial file converters never have to worry about security. The MoneyThumb store uses SSL (Secure Sockets Layer) technology which is the industry standard and among the best software available today for secure transactions. It encrypts all personal information including credit card number, name, and address, to prevent it from being read as it travels over the Internet. When you place orders or access account information, we automatically send you to our secure credit, providing your browser accepts SSL encryption. The most commonly used browsers developed by Microsoft, Mozilla, Google, and Opera are able to process SSL encryption.
Read our security policy here.