IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

4 Steps to Protect Data During Tax Season

In one expert's opinion, strong year-round security standards will also protect fragile data at tax time.

State, city and county government agencies may be the first line of defense against criminals trying to compromise the personal or financial data of citizens who file their taxes at the last minute. 

Last fall, a massive security breach of the South Carolina Department of Revenue’s network compromised more than 3.5 million citizens' social security numbers. State officials took 10 days to deny the hacker access and another six to inform the public about the breach.

And another criminal could take similar action now -- on the busiest time of year for people sending private information to their government electronically.

Paul Christman, vice president of public-sector sales and marketing for Quest Software, a division of Dell, offered strategies that local government administrations can take to protect their citizens. And he noted that if enterprises implement strong security protocols all the time, it won’t matter if hackers strike during tax season or any other part of the year. 

“It could be tax information, it could be personal information of any kind, it could be Social Security information [or] it could be health-care information," he said. "We look at this sort of holistically."

Christman recommends that enterprises take the following four steps to ensure that only the proper government personnel have access to fragile data:

1. Implement strong perimeter protection. “You need to have good, strong perimeter protection — next generation firewalls that do more than just look at viruses but do deep packet inspections, " he said. "That’s imperative.”

2. Vigilant account management and activity logging. Access control decision-makers must exercise tight control over who has access to what on the network. “These systems administrators need to have very, very tight controls," Christman said. "That’s how you protect against some rogue administrator carting off all of the tax data.”

3. Robust user authentication. In addition to the standard username and password combo, users should have something additional to access the network, like a keycard, biometric device or some other piece of hardware or software.

4. Engage security experts as consultants. Be open to hiring outside security professionals and researchers to buttress your own enterprise expertise and technology. “This risk assessment consulting is really, really important.”

Christman thinks these steps are appropriate for the most private data, but stresses they're not for everything. For example, data that’s transmitted via an online system to reserve non-essential goods and services isn't as important as the financial data millions of Americans will be sending to their government online this month.

“Do I put this level of intensity around a reservation for parks and recs in a local county government to reserve the basketball court? Absolutely not,” he said. “Credit card data, financial data, health-care data, some tax information — those sorts of things justify the additional layers of security.”

Image courtesy of iStockPhoto


Special Projects
Sponsored Articles
  • How the State of Washington teamed with Deloitte to move to a Red Hat footprint within 100 days.
  • The State of Michigan’s Department of Technology, Management, and Budget (DTMB) reduced its application delivery times to get digital services to citizens faster.

  • Sponsored
    Like many governments worldwide, the City and County of Denver, Colorado, had to act quickly to respond to the COVID-19 pandemic. To support more than 15,000 employees working from home, the government sought to adapt its new collaboration tool, Microsoft Teams. By automating provisioning and scaling tasks with Red Hat Ansible Automation Platform, an agentless, human-readable automation tool, Denver supported 514% growth in Teams use and quickly launched a virtual emergency operations center (EOC) for government leaders to respond to the pandemic.
  • Sponsored
    Microsoft Teams quickly became the business application of choice as state and local governments raced to equip remote teams and maintain business continuity during the COVID-19 lockdown. But in the rush to deploy Teams, many organizations overlook, ignore or fail to anticipate some of the administrative hurdles to successful adoption. As more organizations have matured their use of Teams, a set of lessons learned has emerged to help agencies ensure a successful Teams rollout – or correct course on existing implementations.