November 06, 2017 | Blog
Securing Your Tax Practice – Data Breach Plan
From tax expert Gerry Vittoratos
The unthinkable has happened: there has been a breach of your data networks. What is the proper response in such a situation?
The following paragraphs are inspired by the FTC article “Data Breach Response: A Guide for Business”.
Secure Your Operations
Time is of the essence when a security breach has happened. Amongst the next steps you should take:
Contact Experts of the Field
You should consider hiring a data forensics team who can help you determine the source and the scope of the breach. Once their analysis done, they can indicate to you the steps to take to remedy the situation. You should also contact your legal team to see what is expected of you legally concerning the breach.
Secure Physical Areas
You should secure any areas that are potentially affected by the breach by putting them under lock or changing the access codes to these areas.
Stop Additional Data Loss
Take all breached equipment offline immediately. If possible, replace the breached equipment with clean machines; if not, closely monitor all entry and exit points. Change the credentials of authorized users (new user IDs and passwords).
If the breach occurred at the service provider level, examine what personal information they possess on their end and determine whether your service provider is taking the necessary steps to make sure another breach does not occur.
Analysis of the Breach
As mentioned above, it would be advisable to hire a team of experts to do a full analysis of the breach. Find out if measures such as encryption were enabled when the breach happened. Analyze backup or preserved data. Review logs to determine who had access to the data at the time of the breach.
Software for Accounting Firms & Tax Professionals
The DT Professional Suite provides tax and accounting solutions designed to increase your firm’s efficiency and profitability. It’s everything you need to power smoother workflows, make more informed decisions, improve client service and achieve better results.