IRS Tax Tip 2022-132, August 29, 2022 The IRS, state tax agencies and the tax industry – working together as the Security Summit recently concluded its summer series, Protect Your Clients; Protect Yourself. This campaign was a reminder for tax pros to focus on fundamentals of security and watch out for emerging issues when using cloud-based services for their practice. Here's a look back at key messages from the latest Security Summit. Identity Protection PINs provide an important defense against tax-related identity theft. The IP PIN is a critical defense against identity thieves. The IRS and its Security Summit partners need tax pros to let their clients know that IP PINs are now available to anyone who can verify their identity. Tax pros beware of evolving email and cloud-based schemes to steal taxpayer data. Tax pros using cloud-based systems to store and prepare tax returns and information should use multi-factor authentication. Specifically, they should use multi-factor authentication to reduce the risk of identity thieves gaining access to their online accounts. For more information about multi-factor authentication, people should visit the Cybersecurity and Infrastructure Security Agency website. All tax pros should watch for the tell-tale signs of identity theft. Identity thieves continue to target the tax community. All tax pros should learn the signs of data theft so they can react quickly to protect clients. Security Summit creates new data security plan to help tax professionals. Federal law requires all professional tax preparers to create and implement a data security plan. The IRS and its Security Summit partners recently unveiled a new sample security plan called a Written Information Security Plan or WISP. It is outlined in Publication 5708, Creating a Written Information Security Plan for your Tax & Accounting Practice PDF. This essential plan is designed to help tax pros, especially those with smaller practices, protect their data and information. Ways tax pros can help clients battle identity theft risk. Tax professionals should be proactive and take the following critical steps to secure their computer systems and protect client data: Use virtual private networks or VPNs to prevent potential eavesdropping in shared environments. Be cautious of requests for personal or financial information via email, telephone, text and social media. Be cautious of downloads, even from trusted sites. Change default passwords, choose strong passwords, and consider using a password manager. More information: Publication 4557, Safeguarding Taxpayer Data PDF Small Business Information Security: The Fundamentals PDF Identity Theft Central Publication 5293, Data Security Resource Guide for Tax Professionals PDF Subscribe to IRS Tax Tips