Home

Important Update for e-Services Users

The IRS is committed to protecting taxpayer and tax preparer information and maintaining the security of its systems.  As part of that effort, the IRS is strengthening the identity validating process used to access certain self-help tools on IRS.gov. 

Starting late October – October 24 is the target date – e-services users will be required to re-register using the Secure Access authentication process. Users must validate their identities through this process before they can access their accounts.

All e-services users will be affected by this change. Those who use e-services for TIN Matching only also must re-register. However, because there is no exchange of sensitive data, TIN Matching will use a more streamlined process.  For details, please see: Important Update for Your e-services Account.

Secure Access is a two-factor authentication process that meets government standards and adds greater protections against attacks by cybercriminals.  This is a more rigorous process, and part of a wider effort to protect taxpayers and the tax community. For first-time users, it requires identity proofing, financial verification and an activation code text.  Returning users must submit their username/password credentials AND a security code text. 

Starting October 24, the IRS also will provide additional staff for the e-Help Desk and provide assistance to those users who are having difficulty passing Secure Access. This assistance may include identity authentication by phone and an activation code by mail which will take five to 10 calendar days for delivery. 

The same Secure Access authentication process currently supports Get Transcript Online. E-services users who created a Get Transcript account after June 2016 will have their Secure Access registration automatically migrate to e-services, but they will need to change their passwords on October 24.

It helps to be prepared. Please review Secure Access: How to Register for Certain Online Self-Help Tools to learn what you need to register successfully.
Users should ensure all credentials and certificates are up-to-date prior to October 24. Those with upcoming filing requirements should consider filing early. 

FYI: Effective December 31, 2016, the following minimum wage will be in effect in New York State:

  *  Workers in New York City, employed by large business (at least 11 employees) -  $11.00
  *  Workers in New York City employed by small business (10 employees or fewer) -  $10.50
  *  Workers in Long Island and Westchester Counties - $10.00
  *  Workers in all other areas of the state - $9.70
For more information on these minimum wage changes go to:
https://labor.ny.gov/workerprotection/laborstandards/workprot/minwage.shtm

 

Announcements

FYI:  NCCPAP Bethesda Spring Conference
May 10, 11, & 12, 2017
Hyatt Regency Bethesda
One Bethesda Metro Center, Bethesda, MD  20814
NCCPAP rates:  $237.00 (king and queen/queen)
Use following online dedicated link
Hyatt Regency Bethesda
Reserve room before April 9, 2017

FYI:  NCCPAP Summer Conference
August 9, 10, &11, 2017
DoubleTree Hotel
455 South Broadway, Tarrytown, NY  10591
NCCPAP rates: $161.00 (king and double/double)
Reservations: (914) 524-6418 or
Hilton Hotel Tarrytown
Online group code: CPA
Reserve room before July 9, 2017
Complimentary self-parking lot

Latest Discussions

  • Posted in: ncCPAp on the GO!

    There was a class in this at the conference. If you went to the conference in Dec, shouldn't you...

  • Posted in: ncCPAp on the GO!

    The last I heard was that there was no mechanism for the IRS to actually enforce the collection of...

  • Posted in: ncCPAp on the GO!

    Abby, When I do cert audits, i make certain the information agrees with the tax return. As depreciation...

  • Posted in: ncCPAp on the GO!

    The new TPR would not be considered in the preparation of the TC-201 as the form specifically states...


NCCPAP's Letter to NYS Executive Deputy Commissioner of Taxation & Finance

Regarding Driver's License Requirement for 2016 Tax Filing

NYSDriversLicenseLtrManion.pdf

Take a moment to read our response to this very important issue.  Thank you.


NCCPAP-Washington DC Agendas

NCCPAP had a very productive week, not just with our Committees and Board Meetings, but on Capital Hill.

Congressional Agenda & IRS Agenda


DOWNLOAD THE GO.NCCPAP APP

Download the free
Go.NCCPAP App
from the App Store or
Google Play Store.

Upcoming Events


A Few Security Recommendations

High-profile instances of cyber-crime make headlines every day, and large organizations such as Sony Pictures, Anthem and Home Depot are not the only targets of hackers. Smaller organizations that receive and maintain sensitive personal information, including accounting firms, also are the targets of cyber attacks, and there is no guarantee that any computer network is secure. In the case of Sony Pictures, the FBI stated that the level of sophistication of the attack was so high it would have gotten past 90 percent of private industry and government cyber defenses. However, there are some simple steps you’ll want to take to mitigate your risk, as the financial and reputation consequences of losing sensitive client information can be significant. 

Secure All Hardware 

Sophisticated cyber attacks are not the only way sensitive client information can be compromised. Laptops, hard drives and personal devices such as smart phones often contain sensitive information that can be compromised if those devices are lost or stolen. At a minimum, devices should be password protected, and in the case of smart phones and tablets, configured to be erased remotely. Encryption of the data on such devices can help to prevent the loss of sensitive personal information, even if the devices are lost. The more sophisticated the encryption, the more comfort you will have that the information is secure. An IT professional can help you implement proper encryption protocols. 

Educate All Users 

Threats posed by phishing email attacks and malware can be mitigated if users are trained to recognize them. Being able to identify suspicious email communications and attachments and knowing to hit the delete key without opening them can greatly reduce the risk of malware infecting a device. In addition, passwords are a crucial defense for work and personal email accounts. Systems
should require complex passwords consisting of a combination of upper and lower case letters, numbers and special characters to reduce risk posed by cyber threats.

 Select the Right Security Software 

You should, and probably already do, invest in Internet security, including virus and malware protection and firewalls. However, security software is constantly updated to address existing and new threats as they emerge, so you need to ensure that you have the most current versions. At the outset, be sure the software you choose is regularly and reliably updated. If you need assistance selecting software, you should engage your information technology provider to help you make a sound choice.

 Understand the Cloud 

If you decide to take advantage of the benefits that cloud computing has to o#er, you should ensure that the vendor you engage maintains security over its servers and can provide you with representations that it has undergone a third-party review of controls and safeguards, including encryption for sensitive data. You should know where the information is being stored, how it is protected and who has access to it. Keep in

mind that the cheapest option may not be the best. You want to be sure that you select a reputable vendor that will be in business for years to come. 

Put the Law on Your Side 

Even before you encounter a situation where sensitive client data may have been compromised, you should contact an attorney with expertise in data security incident response to help you proactively formulate a response plan. An attorney can help you recognize your risks and select the key personnel who should be involved if an event occurs. Most important, an attorney will be a reliable guide through the complex series of laws and regulations involved in responding to an incident.

Summary 

As a normal part of business, accountants receive and maintain sensitive client information, including social security numbers and credit card information. While collecting and maintaining this data is necessary, doing so in a computer network or system that is connected to the Internet raises concerns about the possible theft or exposure of that information. Although it is virtually impossible to guarantee security, there are risk management measures that can and should be taken by accountants to mitigate their exposure.

 Bullet Points 

• Require passwords and encrypt your data on all devices.
• Educate your partners and employees about cyber threats.
• Regularly update your security software and firewall configuration.
• Select a reputable cloud provider that has had its security tested.
• Contact an experienced attorney to evaluate your privacy risks and establish an incident response plan.

Thank you to: Thomas R. Manisero, Esq. & Gregory J. Bautista, Esq.
Wilson Elser Moskowitz Edelman & Dicker, LLP
CPA Protector Plan ®

Recent Blogs

FIND US ON

Follow Us on Twitter   Find Us on Facebook   Find Us on Flickr   Join Us on LinkedIn   Find Us on YouTube   Follow Us on Instagram

Most Active Members