Tech Thursday: Safeguarding Taxpayer Data with IRS Publication 4557

Along with tax season comes an increase in taxpayer data theft and associated fraud. So, the IRS has issued Publication 4557 to help tax preparation professionals safeguard the data that has been entrusted to them.

Last week, we looked at the Safeguards Rule of the Gramm-Leach-Bliley Act (GLBA) and why tax preparers need a written data security plan.

Tech Thursday: DFARS In Depth – Part 9: System and Information Integrity

For our final installment of the “DFARS In Depth” series, we’ll cover the last of the fourteen security requirement families in NIST SP 800-171 -- System and Information Integrity.

While you may have spent fantastic amounts of time and energy securing your systems, the requirements in this family remind us that security is an ongoing process, which requires constant monitoring and adjustment.

Tech Thursday: DFARS in Depth – Part 7: Risk and Security Assessment

As we continue our in-depth look at NIST SP 800-171 as it applies to DFARS, we will get into two important assessments that organizations need to make continually: risk assessment and security assessment.

As both your systems and threats against those systems continue to evolve over time, it’s important that you implement routine checks to make sure that you’re still secure and in compliance with regulations.

DFARS In Depth – Part 5: Incident Response and Maintenance

Our in-depth discussion of the DFARS security requirements as set out in NIST SP 800-171 continues with the next two security requirement families: Incident Response and Maintenance.

Both of these security families involve taking steps to make sure that the security infrastructure that you’ve put in place remains functional and responsive to new threats.

DFARS In Depth – Part 4: Identification and Authentication

To continue our discussion of the DFARS requirements of NIST Special Publication 800-171, this week we’ll discuss the Identification and Authentication security requirement family.

This requirement family covers how we verify that the users and devices connected to our systems 1) are who they say they are, and 2) should have access to what they’re accessing.

DFARS In Depth – Part 3: Configuration Management

To continue our discussions of the security requirements of DFARS and CMMC, this week we’ll be looking at the fourth security family in NIST SP 800-171: Configuration Management.

Configuration management is a set of practices that ensures that your systems and devices are configured correctly from the start, and that any changes made to their configuration does not affect the security of your systems.