The IRS urges small business owners to put in place data security safeguards protecting their financial, personal and employee information from scams and cybercriminals. Many small businesses face financial and identity theft related schemes that try to obtain information that can be used to file fake small business tax returns, rob business bank accounts and create stolen identities.
Small business owners can reduce their risk of an attack by taking simple cybersecurity measures and training their employees. These attacks can target a business’s most valuable data, including:
- Credit card and payment information. A data breach can leave owners liable for fraudulent charges and ruin the business’s reputation.
- Business and employee identities. Stolen information can be used for identity theft and fraud.
- Tax and financial information. This information can be used to file fraudulent tax returns, costing a business owner time, money, and stress to resolve.
Small business owners are encouraged to learn about cybersecurity best practices. The IRS recommends business owners implement the Best Practices published by the U.S. Federal Trade Commission.
Protect business files and devices:
- Update software. This includes apps, web browsers and computer operating systems. Set updates to happen automatically.
- Secure business files. Back up important files offline, on an external hard drive or in the cloud. Also make sure to store paper files securely.
- Require passwords. Use passwords for all laptops, tablets and smartphones. Don’t leave these devices unattended in public places.
- Encrypt devices. Encrypt all devices and other media that contain sensitive personal information.
- Use multi-factor authentication. Require multi-factor authentication to access areas of your network with sensitive information. This requires additional steps beyond logging in with a password.
Protect the business wireless network:
- Secure the business router. Change the default name and password, turn off remote management and log out as the administrator once the router is set up.
- Use at least WPA2 encryption. Make sure the router offers WPA2 or WPA3 encryption and that the encryption setting is turned on. Encryption protects information sent over the network so it cannot be read by outsiders.
If you're a business owner in the New York Metro Area and need help making the best decisions for your business, request a consultation with our experienced accountants today. We look forward to providing you service.
