Security

Data Security Is No Joke

Every time you turn on the news, you hear of some big data breach where thousands of individuals have had their personal information stolen. Often, you don’t even know your data has been stolen until some mystery charge shows up on your bank or credit card statement or your tax return is filed and an electronic announcement comes back from your software announcing that your return had already been filed.

People have lost countless hours and thousands of dollars from the crime and the effort to recover from it. They have lost their credit rating and through scams, their life savings.

It might surprise you to learn that paid preparers have become prime targets for hackers too. The bad actors out there have figured out that preparers have a lot of valuable information about you on their computers. If they get in, they can use this information to sell on the dark web, file bogus tax returns, and take out loans in your name. They might even direct contact you by phone or e-mail with scams or malware.

Security Measures at JS Associates

Data security is a top priority for me. We are all under this threat and I take it very seriously. Unfortunately, no one is 100% safe but I thought you’d like to know the measures that are taken here.

The most important measure is that I am an eternal skeptic of all things digital. I am very aware of the consequences of opening the wrong e-mail or visiting the wrong website or downloading the wrong file. I always have my antennae up and, partly because of this, I have never been hacked.

I never open a file from someone I have not met. This includes people who claim to be potential new clients who send me their documents to look at. This is a well-known scam to try to insert Malware or Ransomware or keystroke software on your system. One click and you are toast!

I carefully scrutinize e-mail I get from existing clients and other contacts. I have had clients and other contacts whose own accounts got hacked and I got e-mail’s purporting to be from the person whose name is in “From” header. If there is no subject line, or the subject line just doesn’t go with the client or the situation, I check the header to see who the e-mail is really from. Usually that leads to a quick delete and a notification to the purported sender that their e-mail account got hacked.

All my drives (even the flash drives) are encrypted with Military Grade encryption and are also secured by bitlocked passwords. My online backup provider also uses Military Grade encryption. I also run a robust anti everything software suite and software and hardware firewalls to help ensure that your data is only seen by those authorized. I also have systems in place to be quickly back up and running in the case of a server meltdown with no loss of your precious information so I can quickly get back to preparing client’s returns.

In addition, all client work papers are locked up in cabinets behind locked doors in an alarmed office when no one is in the office. Even the interior doors are locked. However, most of my client records are electronically secured. Only one or two years’ worth of tax information is actually on paper.

I don’t even take credit cards directly because I don’t want that client information on my computers. I take it only through a third party service center so that I never see the credit card information and it is not contained on my computers.

Protection Just In Case

As I said earlier, no one is 100% safe. The bad guys out there get more sophisticated all the time as evidenced by all the big companies that got broken into digitally. Companies that have entire IT security departments whose entire job it is to keep the gates closed. For that reason, I carry Cyber Security insurance.