At Boundless, we’ve always prided ourselves on taking your security seriously – in fact, tax data security is one of our biggest concerns.
Let’s face it, doing your taxes is one of the more personal services you pay a fee for. For example, your barber or hairdresser likely isn’t going to know your Social Security Number and everything about you financially. However, your tax professional or bookkeeper is going to.
Recently, the IRS announced new guidelines for tax professionals, entitled “Taxes. Security. Together.“ As we reviewed this new checklist, the realization occurred that we already complied with it on our own!
We also felt it is necessary to publish this checklist and our notes for all our clients and potential clients to see, so everyone can see how seriously we take the subject of your personal security. It is also a bit of a warning for those of you who are potential clients reading this. If you are currently vetting tax professionals to provide services to you, ensure they can pass this checklist as well. If other professionals can’t pass, it may prove advantageous to pass on those professionals. (Like what we did there?!)
Taxes. Security. Together.
Deploy the Security Six Measures
Activate Anti-Virus Software: All of Boundless’ office computers, servers, and web hosts boast thorough anti-virus protection. We take pride in the fact that none of our equipment has ever fell victim to a virus or malware. This is likely due to the level of protection that is standard here at Boundless.
Use a Firewall: We currently have firewalls in place on all Boundless technology, such as our office computers, web servers, and website. Again, this protection is standard and our firewall has never been exploited to-date.
Opt for Two-Factor Authentication: Most Boundless products are able to offer two-factor authentication. We are proud to offer this additional level of security on most of our information-gathering and upload forms, as well as our new secure online client portal suite. We also protect our various web forms from being exploited with Google’s CAPTCHA software. This is the little checkbox at the end of our forms that asks if you’re human.
Use Backup Software/Services: All of your data provided to Boundless, as well as tax returns and other deliverables prepared by Boundless, are continuously backed up both locally and via secure cloud backup services. We maintain these services both in-house and with the assistance of third-party cloud backup services. All backups are fully-encrypted and secure.
Use Drive Encryption: All communications sent to and from Boundless, as well as all data on our office computers, servers, and web servers, are encrypted when being stored or sent. Additionally, any communications sent through our new secure messaging system (part of our new online client portal) are encrypted end-to-end.
Create & Secure Virtual Private Networks (VPNs): At this time, since Boundless employees do not work remotely offsite, we have no need to create a Virtual Private Network. However, we would not allow employees to work offsite without first creating one if the need arose.
Create a Data Security Plan
Federal Law maintains that all professional tax preparers should have an information security plan for client data. While Boundless does not make this information public, all new clients will receive a copy of this information security plan document after an engagement letter is signed. Boundless takes client security very seriously and wants to ensure that all our clients are informed about data safeguards.
Tax professionals should be continuously educating clients on how data security effects them. If yours isn’t, you might want a new tax pro!
You might think nothing of purchasing a product or service online, such as finding an online tax preparer like us! The questions afterward are where is that information going? Who has access to it? Is it backed up – and where, how, when?
Recognize Signs of (Attempted) Data Theft
There are many signs both Boundless and the IRS will warn about regarding the attempt or potential for data theft.
One of the most blatant and reiterated hundreds of thousands of times by tax professionals everywhere: The IRS will never call you. If you receive a phone call claiming to be an employee of the IRS, this is a scammer. The IRS only communicates with taxpayers (and even tax professionals) at this time by snail mail – the United States Postal Service. So if it’s not a letter or notice on IRS letterhead or stationary, it’s usually false and an attempted scam.
Along those same lines, if you receive legitimate letters from the IRS concerning multiple tax returns filed in your name or you receive tax transcripts in the mail you did not request, this is a cause for concern. In short, this means someone is attempting fraud under your Social Security Number or Individual Tax Identification Number. If this happens, call a tax professional like Boundless, or phone the IRS directly.
Data Security is a Real Concern
Make sure the tax professional you choose is just as concerned (if not more concerned) about your personal data security as you are. Tax professionals of all types have a civic duty to maintain clients’ privacy and data security, and we caution everyone to be sure the tax professional they choose is on the same page, and is following IRS regulations on the subject.