IRS Highlights “Security Six” Safeguards


The IRS, along with Security Summit partners, offered important tips dubbed “Security Six”protections to help tax professionals protect their computers and email as well as safeguard sensitive taxpayer data. The “Security Six” protections is the second in a series called “Protect Your Clients; Protect Yourself: Tax Security 101.” All tax professionals, whether part of a large firm or a one-person shop, must enact security safeguards.

The “Security Six” are:

  • antivirus software, to automatically or manually scan computers for protection against malware, spyware and phishing;
  • firewalls, to protect unnecessary network traffic and malicious software from accessing the network;
  • two-factor authentication, to access emails by adding an extra layer of protection;
  • backup software and services, to back up critical files routinely;
  • drive encryption, to transform data on the computer into unreadable files for the unauthorized person accessing the computer; and
  • a written data security plan as required by the Federal Trade Commission and its Safeguards Rule.

Further, tax practitioners were urged to review the recently revised IRS Publication 4557, Safeguarding Taxpayer Data, and Small Business Information Security: the Fundamentals by the National Institute of Standards and Technology. In addition, tax practitioners were advised to review Publication 5293, Data Security Resource Guide for Tax Professionals, which provides a compilation data theft information available on IRS.gov. Tax professionals can stay connected to the IRS by subscribing to e-News for Tax Professionals, QuickAlerts and Social Media.