Most cyberattacks are aimed at small businesses with fewer than 100 employees:
Learn about best security practices for small businesses.
IRS continues protective masking of sensitive information on business transcripts.
A Business Identity Theft Affidavit – Form 14039-B – is available for all businesses to report theft to the IRS.
Beware of various scams, especially the W-2 scam that attempts to steal employee income information.
Check out the "Business" section on IRS's Identity Theft Central at IRS.gov/identitytheft.
Here are some basic steps to protect your business data:
Install anti-malware/anti-virus security software with automatic updates enabled on all devices including laptops, desktops, routers, tablets and phones.
Deploy firewall protections on your network.
Use responsible passwords with:
At least eight characters (longer is better)
Special and alphanumeric characters
Passphrases instead of passwords
Unique passwords for each account
Protection on wireless devices
A password manager
Choose multi-factor authentication when available
Encrypt sensitive files and emails with strong password protection.
Back up sensitive data to a secure, external source not connected to your network.
Destroy old computer hard drives and printers that contain sensitive data.
Limit access to personal data only to individuals who need to know.
Enter personal data only on secure sites with web addresses that begin with "https."
Please visit the IRS at: Identity Theft Information for Businesses | Internal Revenue Service (irs.gov) for additional information about protecting your business from identity theft.
Mark Gleason CPA
MattsonGleason.com
Comments