Data security for tax and accounting firms
Take action to help you keep your clients safe
Cybercriminals are specifically targeting tax and accounting firms at increasing rates. It's not just the big firms being targeted, but firms of all sizes.
At Thomson Reuters, the security of your data and your clients' data is a top priority. We're continuing to take steps to strengthen data security, help you protect your practice, and comply with IRS security requirements. Working together, we can put safeguards in place to help you protect your clients and your firm.
Check out our fact sheet for important information about data security, and keep reading for actions you can take to help you stay safe against security threats.
IRS requirements for tax software
Beginning with tax year 2016, the IRS — working in partnership with tax software vendors and practitioners in the profession — put security requirements in place for all tax-related software for professionals. At Thomson Reuters, we believe that all data is important, so these changes were applied to all our software.
Here is a summary of the IRS requirements:
- Login requirements: Tax-related software for professionals needs to be protected by a login with certain password requirements.
- Password strength: As defined by the IRS, a strong password contains a minimum of eight characters with at least one uppercase letter, one lowercase letter, one number and one special character. The IRS also requires that preparers reset their passwords every 90 days.
- Timeout period: Applications must time out after 30 minutes of user inactivity and requires users to log back in using their credentials. However, while your access is suspended, the operation of the software is not, so the processes within the software will continue during the timeout.
5 security questions firms should ask
Save your firm's client data from cybercriminals. Prevent identity theft, prepare for data breaches, and create a safer world.
Stay safe and informed
Thomson Reuters is here to support you. In addition, you should consult with your advisors for guidance on data security practices and legal standards applicable to your practice. It is also important to check the IRS website regularly for security news and alerts.