TECH TALK
Are you using multi-factor authentication to protect clients? Whenever possible,
you must be using multi-factor authentication to prevent identity thieves from accessing your clients’ personal information, according to the U.S. Internal Revenue Service (IRS) and its Security Summit partners. Beginning next year, all tax software providers will be required to offer multi-factor authentication options on their products that meet higher standards (and many already do). A multi-factor or two-factor authentication offers an extra layer of protection for the username and password used by the tax professional. It often involves a security code sent via text. “The multi-factor authentication option is an easy, free way to really step up protection of client data,” said IRS Commissioner Chuck Rettig. “All tax software products will make it a feature, and it’s part of a larger effort to protect taxpayers and the tax community.” Of the numerous data thefts reported to the IRS from tax professional offices this year, most could have been avoided had the practitioner used multi-factor authentication to protect tax software accounts. Practitioners can download to their mobile phones readily available authentication apps offered through Google Play or the Apple Store. These apps will generate a security code. Codes also may be sent to a practitioner’s email or text but those are not as secure as the authentication apps. Use a search engine for “Authentication apps” to learn more. In additional to tax software accounts, practitioners should use multi-factor authentication wherever it is offered. For example, cloud storage providers and commercial email products offer multi-factor protections as do social media outlets. IRS e-Services is an example of an account using multi-factor authentication. For more help, check out IRS Publication 4557, Safeguarding Taxpayer Data, and Publication 5293, Data Security Resource Guide for Tax Professionals, at irs.gov.
MOST PEOPLE DON’T CHANGE THEIR PASSWORDS AFTER A BREACH Believe or not, only a third of users change their passwords following an announcement of a data breach, according to Carnegie Mellon University’s Security and Privacy Institute. Researchers discovered that only a third of users studied actively changed their passwords with a site after being made aware of a breach. Of those users, most of the new passwords were considered weak. Protect your data with strong, difficult-to-hack passwords and consider using secured password management software.
From algorithms to deep learning Looking for an intro to how artificial intelligence will affect the CPA profession? Check out “A CPA’s Introduction to AI,” a whitepaper from the American Institute of CPAs and the Chartered Professional Accountants of Canada. Why learn more? According to the whitepaper: “Simply put, AI has the potential to significantly impact accounting and assurance jobs and businesses in the near future — if it has not already.” Find it at tinyurl.com/CPA-Intro-to-AI, and check out the Technology section of the VSCPA Center for Innovation at vscpa.com/innovation/technology.
10
DISCLOSURES
•
SEPTEMBER/OCTOBER 2020
