Tips to help protect your company during tax season
TIP 1: BE PREPARED FOR PHISHING SCAMS
Hackers and cyber criminals know you’ll be looking for ways to quickly prepare for tax season. Don't be fooled by emails that try to entice you to click on a link or download malicious content. If an offer looks promising, research the company, their competitors and verify their site is legitimate. If doesn't hurt to call them before you engage online.
TIP 2: ENCRYPT SENSITIVE DOCUMENTS
Encrypt sensitive documents before you sending them to your accountant. If the accountant doesn’t accept encrypted documents, then don’t send them online. Make copies and deliver them in person. Use only https websites for transmitting sensitive information.
TIP 3: TECHNOLOGY CHECKLIST
Since you will be reviewing expenses for the past year, now is a great time to create a list of your technology that should be protected, including copiers, printers, software services, websites, social networks and point of sale devices. Include detailed information about the service, age and security parameters.
TIP 4: DATA BACKUP
When is the last time you backed up your critical business data? Review your critical data and take steps to back it up it up with an encrypted service provider.
TIP 5: CYBER DAY
Has the CEO taken the time to talk to employees about cybersecurity? Schedule a monthly meeting to have the business owner talk about the importance of protecting the business from scams. Many scams target employees, so have them learn how to protect your company.
TIP 6: IDENTITY THEFT
In order to protect your identity and prevent fraudulent returns, learn the signs. Identity thieves often use letters to obtain sensitive information to conduct further attacks. For instance, you or your accountant might attempt to file your business tax return, but it is rejected, or you may receive a tax transcript by mail that you didn’t request. The IRS has several good references to protect against business identity theft. If you believe you've been a victim of tax fraud, contact the IRS via mail – information is available on their website - http://bit.ly/2ejECXg.
TIP 7: SHRED
Shred confidential business data. Make sure your employees also learn to shred sensitive information rather than simply throwing it away.
TIP 8: BUDGET FOR SECURITY
As you are reviewing your expenses from last year, assess whether your company is adequately protected. An industry best practice is to spend between 5-8% of your IT budget on IT security. The NCSS assists our members in obtaining quality cybersecurity products and services in order to keep your costs low.
TIP 9: ASSESS
Assess the risks to tax information to include your operations, physical environment, computer systems and employees. Make a list of all locations where you keep sensitive business data and implement controls to protect access.
DID YOU KNOW?
- In 2015, the IRS identified 233 business tax returns that were filed using known or suspicious EINs of which 97 claimed refunds exceeding $2.5 million.
- The IRS has found that identity thieves apply for and/or obtain an EIN using the name and social security number of another individual as the responsible party.
- Are you protecting your business identity from tax fraud?
- Learn more about business identity theft at our resource page.
Still have questions, need help?
Contact us at our “Ask-an-Expert” service, mailto:firstname.lastname@example.org or visit us at the link below.
© 2018 National Cybersecurity Society, All Rights Reserved
JOIN THE NCSS
Become a member of The National Cybersecurity Society today and learn more about how to protect your business from a cyber attack.
About The National Cybersecurity Society
The National Cybersecurity Society is a non-profit organization focused on providing cybersecurity education, awareness and advocacy to small businesses. The NCSS provides cybersecurity education tailored to the needs of the small business owner; helps small businesses assess their cybersecurity risk; distributes threat information to business owners so that they will be more knowledgeable about the threats facing their business; and provides advice on the type of services needed to stay safe online.