IRS outlines the 6 keystones of proper cybersecurity: How many does your firm use?

With employers falling victim to costly phishing schemes and employee confidential info being comprised with alarming regularity, the IRS’ new cybersecurity tool should be of interest to benefits pros everywhere. 
The agency just released IR-2018-150: Tax Security 101 ­– Security Summit, which outlines the following “Security Six” must-have protection for solid cybersecurity:

1. anti-virus software
2. firewalls
3. two-factor authentication
4. backup software/services
5. drive encryption, and
6. a data security plan.

Phishing-specific safeguards

While the IRS guide was created specifically for tax professionals, the feds noted these safeguards are a good idea for any taxpayer or small business.

So all plans and plan sponsors should find value in the IRS guidance, which can be found here.

If you’re looking for some additional tips to prevent phishing, here are a few tips to emphasize with your Finance staffers:

1. Never click on a hyperlink within an email. This is almost always a scam.
2. Watch for the “https” on the website. Don’t see it? That site’s not secure. (Of course seeing it isn’t a lock that you’re safe, but it helps.)
3. Stay updated on the latest scams. You can sign up for email alerts to get a heads up on the latest phishing scams so you don’t get blindsided. (FraudWatch International offers one; click here to sign up)
4. Remind everyone: Banks don’t ask customers to update information this way. If your staffers get a request like this – no matter how authentic it appears – have them call their bank to verify it.