IRS Tax Tip 2021-113, August 4, 2021 The IRS and its Security Summit partners recently kicked off their annual summer campaign. This year's theme, Boost Security Immunity: Fight Against Identity Theft, urges tax pros to step up their efforts to protect client data. One way they can do this is by using multi-factor authentication. Multi-factor authentication, also known as two-factor authentication, allows a tax professional or taxpayer to use another feature such as a security code sent to a mobile device, a pin number or a fingerprint in addition to the username and password. A thief may steal usernames and passwords but cannot access accounts without the additional multifactor feature. Client information stolen from tax professionals' offices is used to create fraudulent tax returns that are difficult to detect because the identity thief is using real financial data. Tax professionals also should use multi-factor authentication features anywhere it is offered, such as commercial email products and cloud storage providers. Multi-factor authentication is available on all online tax software products and should be used by tax pros and taxpayers Multi-factor authentication is just one of several security steps tax pros – and taxpayers – should use to protect sensitive data. Other steps include: Using anti-virus software and set it for automatic updates. Anti-virus software scans existing files and drives on computers - and mobile phones – to protect from malware. Using a firewall to shield digital devices from external attacks. Using backup software/services to protect data. Making a copy of files can be crucial, especially if the user becomes a victim of a ransomware attack. Using drive encryption to secure computer locations where sensitive files are stored. Encryption makes data on the files unreadable to unauthorized users. Creating and securing Virtual Private Networks. A VPN provides a secure, encrypted tunnel to transmit data between a remote user via the Internet and the company network. Search for "Best VPNs" to find a legitimate vendor; major technology sites often provide lists of top services. Federal law requires all professional tax preparers to create and implement a data security plan. The IRS also recommends tax professionals create a data theft response plan, which includes contacting the IRS Stakeholder Liaisons to report a theft. More information: Identity Theft Central Publication 4557, Safeguarding Taxpayer Data PDF Publication 5293, Data Security Resource Guide for Tax Professionals PDF Subscribe to IRS Tax Tips