The IRS encourages owners of sensitive data to consider encryption. Encryption makes information unreadable without a deciphering key.
The IRS suggests the following basic steps for encryption protocol:
- Use drive encryption to lock files on computers and on devices. Drive or disk encryption converts text in files into an unreadable format for anyone who makes an unauthorized access attempt. Entering the password unlocks the files for legitimate users.
- Back up encrypted copies of data to external hard drives or use cloud storage. If using external drives, they should be kept in a secure location. If using cloud storage, the data should be encrypted before uploading to the cloud.
- Don’t attach USB drives or external drives to public computers.
- Don’t install unnecessary software or applications to your network.
- Avoid offers for “free” software, especially security software.
- Download software or applications only from official sites.
- Perform an inventory of devices where data are stored, such as laptops, smart phones, tablets and external hard drives.
- Take an inventory of software used to process or send data, such as systems, browsers, applications, software and web sites.
- Limit or disable Internet access capabilities for devices that have stored data.
- Delete all information from devices, hard drives, flash drives, printers, tablets or phones before disposing of devices.
- Physically destroy hard drives, tapes, USBs, CDs, tablets or phones by crushing, shredding or burning.
- Shred or burn all documents containing information before throwing them away.
These tips should be useful in setting up an encryption protocol.
