IRS Publication 4557 provides seven checklists for tax preparers to help protect tax clients' tax data. The safeguards also protect your business from a data breach and the resulting loss of revenue and reputation.
Encyro provides sophisticated security and privacy safeguards to help you securely send and receive clients' tax data including W2's, pay stubs, tax returns, signature pages, business accounting records, voided check photos, and other financial information.
Specifically, related to the requirements for Information Systems Security and Computer Systems Security sections, Encyro provides you with the following built-in safeguards:
- Ensure that storage areas are protected against destruction or damage from physical hazards, like fire or floods. Enyro's storage is protected against physical hazards using 3 way encrypted replication within each data center and then additional replication at another data center.
- If you collect information online directly from customers, make secure transmission automatic. Caution customers against transmitting sensitive data, like account numbers, via email. Encyro provides you with an upload page (with Pro membership), to make it super-easy for customers to send you data securely. Place your Encyro upload page link in your email signature and encourage customers to use it in any email you ask them to send you sensitive paperwork.
- If you must transmit sensitive data by email over the Internet, be sure to encrypt the data. Encyro does this for you.
- Use strong passwords of 8 or more characters. (Encyro in fact enforces additional requirements for strong passwords including the use of multiple types of characters: uppercase, lowercase, numeric, and special. You must enable your compliance settings to activate this protection.)
- Encrypt all sensitive files and emails. Encyro protects files and emails that you share with others using Encyro.
- Back up sensitive data to a safe and secure external source. (Encyro not only acts as an offsite backup for your data, but internally all Encyro data is backed up encrypted on a distant data center, hundreds of miles away from the primary data center serving your data.)
Please note that the IRS publication also requires you to secure your data outside of Encyro. To help you with that, the Encyro blog provides several helpful cybersecurity articles, especially:
- Strong passwords for your computer
- Enforce screen lock after inactivity
- Secure your WiFi network
- Device security
- Physical data security
- Secure data disposal
The IRS publication 4557 checklists are discussed here.