During the ninth annual National Tax Security Awareness Week, the IRS and its Security Summit partners identified important steps to reduce the risk of tax scams and identity theft. Employers play an important role in safeguarding sensitive information for their organizations and employees. By adopting best practices, employers can mitigate the risk of data breaches and fraud, protecting both business operations and employee trust.
Key Tips for Employers
- Safeguard Employee and Business Data
Ensure that requests for personal information, such as Social Security numbers, bank account details, or other sensitive data, are legitimate. Train your team to verify why the information is needed and limit disclosures to only what is necessary. Always authenticate the identity of the requestor by contacting them directly through official channels, rather than responding to unsolicited emails, texts, or phone calls.
- Verify Online Vendors and Retailers
When making business-related purchases online, ensure the vendor's website is secure and reputable. Criminals can mimic legitimate websites and even purchase valid digital certificates to make fraudulent sites appear genuine. Confirm web security by checking for trusted verification badges and researching the retailer's reputation. Avoid sites with questionable credentials or design flaws.
- Utilize Security Software
Equip all company devices with comprehensive anti-virus and anti-malware software, and ensure the software is updated regularly. Sensitive business files, including tax records, should be securely stored, backed up, and encrypted. Educate employees about cybersecurity practices for shared or personal devices used for work, especially in remote settings.
- Implement Strong Passwords and Multi-Factor Authentication (MFA)
Encourage employees to create strong, unique passwords for work accounts and prohibit password reuse. MFA adds an extra layer of security by requiring a secondary verification step, making it harder for hackers to gain unauthorized access. Regularly review and update password policies for your organization.
- Limit Use of Public Wi-Fi
Employees working in public spaces should avoid using unsecured public Wi-Fi networks for accessing work-related systems. If public Wi-Fi is necessary, ensure they use a virtual private network (VPN) to protect data transmissions. Educate employees on the risks of unsecured networks and emphasize the importance of connecting securely.
- Recognize Signs of Compromised Accounts
Cybercriminals often use hacked email or social media accounts to target others. Teach employees to recognize suspicious messages or unusual requests, even if they appear to come from trusted contacts. Encourage vigilance and reporting of any odd activity to IT teams immediately.
- Respond Promptly to Identity Theft
If your business or an employee becomes a target of identity theft, act quickly to minimize damage. Employers should have a response plan that includes notifying the IRS, financial institutions, and any affected parties. Ensure employees are aware of resources to report and recover from identity theft, such as the Federal Trade Commission’s identity theft tools.
Why These Measures Matter
Identity theft can have severe financial and operational consequences for businesses. Stolen tax information may lead to fraudulent tax filings, delays, or penalties. By fostering a culture of security awareness and implementing strong protective measures, employers can reduce risks and support a safe and efficient workplace.
Protect your business and employees this tax season by staying informed and proactive in preventing identity theft and fraud. For additional resources, visit the IRS Security Summit page.
Benefit Allocation Systems (BAS) provides best-in-class, online solutions for: Employee Benefits Enrollment; COBRA; Flexible Spending Accounts (FSAs); Health Reimbursement Accounts (HRAs); Leave of Absence Premium Billing (LOA); Affordable Care Act Record Keeping, Compliance & IRS Reporting (ACA); Group Insurance Premium Billing; Property & Casualty Premium Billing; and Payroll Integration.
MyEnroll360 can Integrate with any insurance carrier for enrollment eligibility management (e.g., Blue Cross, Blue Shield, Aetna, UnitedHealth Care, Kaiser, CIGNA and many others), and integrate with any payroll system for enrollment deduction management (e.g., Workday, ADP, Paylocity, PayCor, UKG, and many others).
