Above the Forms: Safeguarding Tax Professionals and Their Clients in 2016

Jan. 19, 2016 marks the official opening date for tax season. This year, tax professionals and their clients will benefit from a great deal of work that has been done by the IRS, states and the tax industry to help protect their information and combat tax fraud.

An IRS-commissioned Security Summit, made up of public and private tax administration leaders, worked hard throughout 2015 to create action plans to improve how taxpayer information is authenticated, educate the public on what it takes to keep information safe and provide added focus on cyber security. We have already seen enhanced education and security measures across the board, including the IRS releasing taxpayer security tips each Monday through the start of tax season.

Intuit® is rolling out expanded security enhancements within its products to further strengthen customer identity authentication and notification. Here are just a few of the features our customers will see this season:

• Multi-factor authentication will be included in Lacerte, ProSeries and Intuit Tax Online to help authenticate user identities and help tax professionals securely sign into their account. When tax professionals access their account for the first time or from a new device, they will automatically be sent a unique, six-digit code to their pre-designated, trusted device to be used in combination with their password to access their account.
• Intuit is requiring all Electronic Return Originators (EROs) to provide verification of their e-file Identification Number (EFIN) before e-filing. New tax professional customers must have IRS documentation of EFIN registration on file before they can efile through Intuit’s professional tax products. In addition, Intuit will proactively notify tax preparers who use the company’s professional tax software when it appears that their EFIN may have been compromised, in order to reinstate their EFIN with the IRS.

Like the IRS, we, too, are sharing tips to help tax professionals further protect themselves, their clients and their office. Here are a few examples:

• Shred all documents that include sensitive client information before throwing it away.
• Create strong passwords for all computers with sensitive client records, including a combination of upper and lower case letters, numbers and symbols. Don’t use passwords that are generic and easy to guess, like your firm name, the word “password” or a numeric sequence. Paper files should be kept locked and access restricted.
• Be suspicious of unsolicited emails that ask for confidential or sensitive information and include a link to a Web site, as criminals use this approach to lure unsuspecting users into revealing private account information, like their EFIN. Mouse over the link, look at the site’s address and make certain that it appears legitimate before clicking. Intuit posts notices for phishing emails on the Intuit Online Security Center.
• Use the latest version of your web browser. Install security patches and software updates as soon as they are available.
• Help educate clients about what they can do to protect themselves online, including protecting their computer and mobile device, creating strong passwords, and being aware of phishing scams.

These are just a few of the ways that Intuit, the IRS and the entire tax industry are working together to help protect tax professionals and their clients. You will see more information soon from the IRS on special tips for tax professionals. Stay tuned and know that we are here to ensure that you and your clients have a very productive, successful and safe tax season.
CeCe