The importance of data security for CPAs and Tax Professionals

Fraudsters see these forms very differently than you and I.

Seemingly common and simple information like names, addresses, social security numbers, etc., become gateways for identity thieves to enter private lives of unsuspecting victims. The ensuing disruption, loss and stress can affect people and businesses in disproportionate ways.

A Harris Poll research for the American Institute of CPAs (AICPA) revealed that “three in five Americans (60%) believe it is likely that identity theft will cause them a financial loss in the next year”.

Javelin go so far as to say that “financial institutions’ methods to identify and respond to fraud are no match for criminals’ high-tech schemes to hijack consumer accounts. Fraud losses…in 2019 resulted in consumers facing $3.5 billion in out-of-pocket costs …as criminals shifted their focus from card fraud to opening and taking over accounts”.

Now, opening and taking over bank accounts requires a whole repertoire of personal information which is normally not easily available to thieves. Yet, a single hack into a CPA’s database might hit them a jackpot! Every piece of information required to ‘open and take- over bank accounts’ of hundreds of unsuspecting victims is presented to them on a platter. Stolen identities and information can and is often used to commit a host of other crimes. Don’t let your business be that jackpot!

Most taxpayers now file returns online. Relevant paperwork and data are freely shared via personal emails, text messages and images via multiple platforms. While this digital transformation has greatly improved speed and efficiency for tax-payers, tax professionals and the IRS, it has inadvertently also opened up gaping chasms for data breaches.

Rule 1.700.001 of the AICPA Code of Professional Conduct (AICPA Code), Confidential Client Information Rule (the Rule), stipulates that public practitioners shall not disclose any confidential client information without the client’s specific consent. And where there is an unauthorised breach, the processes and procedures that were in place will be considered… and where applicable, criminal penalties may apply for negligence in safeguarding taxpayer’s information.

The consequences of a single unfortunate breach are much too grave to be ignored. Not to mention the reputational risk that can shatter the hard-earned goodwill earned by businesses. And reputational loss, especially for small and medium size businesses, is nearly impossible to revive!

Luckily, advancement in technology now provides safe and easy solutions to avoid this risk in the form of data encryption, which is the process of encoding information by converting it into an alternative and uncompromisable form known as ciphertext.

DropSecure is one such platform that uses military-grade, multidimensional and dynamic encryption methods to safeguard data.

DropSecure uses randomly generated AES 256 bit symmetric keys for securing data transfer. This ensures that data shared between you and your client via DropSecure leaves devices fully encrypted and secured. A two-factor identification process is then used before issuing a decryption key/OPT to the intended recipient before it can be accessed. The File Vault Protection option can further safeguard any data saved by users on DropSecure servers by using ‘public key cryptography’.

What makes DropSecure different and better than other encryption platforms is that it requires no software installations and needs no passwords. What’s more, managers can set expiration dates, control and revoke access on files and folders, thereby ensuring that data is held only by the rightful owners and disposed of when the need is fulfilled. Zero Knowledge transfer further ensures that DropSecure themselves have absolutely no access to client information.

So really, no data is ever found in the wrong hands; and certainly, never lost.

With simple pricing solutions and FINRA, SEC and HIPPA compliance, DropSecure provides stress-free solutions for effectively safeguarding data while ensuring legal compliance

DropSecure’s mission is to simplify your communication and sharing needs without knowing the contents of your data. To that extent, you can rest assured that your data is in your control.

Get secure with DropSecure cyber security’s 7-day free trial today.

Related Posts

Awards and Achievements