Saturday February 22, 2020
IRS Program to Increase Employee Smartphone Security
One important function of the Treasury Inspector General for Tax Administration (TIGTA) is to review IRS security practices. The IRS is tasked with protecting personal tax information for over 140 million American taxpayers. TIGTA regularly reviews IRS policies to encourage higher levels of security for these tax records.
One of the negotiated agreements between the IRS and its 80,000 employees is that they are permitted to use their personal iPhones. This is called the "bring your own device (BYOD)" plan.
The TIGTA report noted this policy increases the productivity of IRS employees and reduces costs. IRS employees who desire to use this program must register their smartphones with the Service. There is a separate server for these phones. The IRS has implemented procedures for independent review of the activity logs on these BYOD servers.
The TIGTA report made several recommendations to increase security. The IRS employees should have malware and anti-virus protection on their phones. If a phone is lost or stolen, there should be a procedure for deleting data from that phone. The IRS employees should not use a screenshot to record any tax information.
The IRS indicated it will implement the TIGTA-recommended security upgrades.
Editor's Note: The TIGTA report did not discover any data breach incidents, but it urged the IRS to take steps to reduce security risks. The IRS Security Summit regularly studies security for both the IRS systems and taxpayers. Because most taxpayers and tax preparers use electronic filing and all IRS records are on computer servers, it is important to be on guard against fraudsters and hackers. The Security Summit and TIGTA reviews have been successful in reducing the number of security-related incidents each year.
Published September 20, 2019