Businesses should implement safeguards and watch out for tax-related scams

Most cyberattacks are aimed at small businesses with fewer than 100 employees:

• Learn about best security practices for small businesses.

• IRS continues protective masking of sensitive information on business transcripts.

• A Business Identity Theft Affidavit – Form 14039-B – is available for all businesses to report theft to the IRS.

• Beware of various scams, especially the W-2 scam that attempts to steal employee income information.

• Check out the "Business" section on IRS's Identity Theft Central at IRS.gov/identitytheft.

Here are some basic steps to protect your business data:

• Install anti-malware/anti-virus security software with automatic updates enabled on all devices including laptops, desktops, routers, tablets and phones.

• Deploy firewall protections on your network.

• Use responsible passwords with:

  • At least eight characters (longer is better)

  • Special and alphanumeric characters

  • Passphrases instead of passwords

  • Unique passwords for each account

  • Protection on wireless devices

  • A password manager

  • Choose multi-factor authentication when available

  • Encrypt sensitive files and emails with strong password protection.

  • Back up sensitive data to a secure, external source not connected to your network.

  • Destroy old computer hard drives and printers that contain sensitive data.

  • Limit access to personal data only to individuals who need to know.

  • Enter personal data only on secure sites with web addresses that begin with "https."

Please visit the IRS at: Identity Theft Information for Businesses | Internal Revenue Service (irs.gov) for additional information about protecting your business from identity theft.

Mark Gleason CPA

MattsonGleason.com