What You Need to Know About Secure Handling of Sensitive Contractor and Employee Data
Though you can trust the security of an IRS-authorized transmitter like efile4Biz when entering the names, addresses, SSNs and TINs for contractors, employees and other payees, what are you doing to safeguard this information in the earlier stages? Before this information is encrypted on a secure server for risk-free filing of 1099s and W-2s, you’re responsible for safely obtaining (and storing) it.
Here are six pointers for keeping this data confidential and strengthening
your cyber defense:
1) Take inventory of where you store sensitive data. Whenever possible, maintain high-risk data on the fewest number of computers or servers, along with separating it from the rest of your business data.
2) Encrypt sensitive electronic data via special software or security programs. This is especially important for any information you capture or transmit on portable devices like smartphones, tablets and laptops. You may also want to explore electronic “wiping” programs that permanently discard files deleted from your hard drive, as well as the remote wiping of phones in case of a security threat.
3) Make sure you have a strong firewall. A fully protected network begins with a properly configured firewall, which acts as a first line of defense with Internet traffic coming in and out of your business.
4) Keep antivirus and anti-malware programs up to date. Using these programs is smart but unless you’re staying on top of the latest versions or updates, you could open the door to newly emerging threats.
5) Reinforce your password policy. In addition to setting up screen savers that require passwords after periods of inactivity, encourage the use of obscure words or phrases for passwords that can’t easily be guessed. Strong passwords should be at least eight characters, and consist of a combination of letters, numbers and special characters.
6) Secure documents and equipment. Although it might not seem as obvious, paper documents can still be the target of security breaches. Lock up documents, files and storage devices (computer disks and flash drives) in a file cabinet or office when they’re not in use, and limit access only to approved employees. What you don’t need any longer, shred.