Skip to content

Free 15-minute cybersecurity consultation — no obligation

Book Free Call
Tax50 min readDeep Dive

How to Encrypt Client Tax Data: IRS Requirements Guide

Learn how to encrypt client tax data with BitLocker and FileVault. Step-by-step IRS Security Six compliance guide for tax professionals. Get compliant in 2026.

How to Encrypt Client Tax Data: IRS Requirements Guide - how to encrypt client tax data

Tax professionals handle some of the most sensitive personal financial data in the U.S. economy — Social Security numbers, multi-year income histories, bank account credentials, and business tax identification numbers. Knowing how to encrypt client tax data is a legal requirement for every licensed preparer: the IRS Security Six framework, codified in IRS Publication 4557 and enforced under the Gramm-Leach-Bliley Act (GLBA) Safeguards Rule, requires full-disk AES-256 encryption on every device containing taxpayer information.

This guide covers exactly how to encrypt client tax data for your tax practice — from Windows BitLocker and macOS FileVault configuration to external storage devices, recovery key management, and the IRS audit documentation required to demonstrate compliance. Whether you run a solo practice or a multi-preparer firm, the implementation steps are the same; only the scale of deployment changes.

The Federal Trade Commission's updated Safeguards Rule, effective December 2022 and strengthened in June 2023, explicitly requires financial institutions — including tax preparers handling 5,000 or more consumer records — to encrypt customer information both at rest and in transit. Tax firms that fail to implement required encryption face FTC enforcement actions, state regulatory penalties, and potential suspension of PTIN privileges. For a full breakdown of what the FTC requires, see our FTC Safeguards Rule guide for tax preparers, and use the Publication 4557 compliance checklist to assess your current standing.

Tax Data Security By The Numbers

$4.88M
Avg. Data Breach Cost (2024)

IBM Cost of a Data Breach Report 2024

94%
Tax Pros Required to Encrypt

All preparers with client data must comply with IRS Publication 4557

277 Days
Avg. Breach Detection Time

IBM Cost of a Data Breach Report 2024

Understanding the IRS Security Six Framework

The IRS Security Summit — a collaboration between the IRS, state tax agencies, and private-sector tax software providers — established the Security Six as six mandatory security controls for all tax professionals. Understanding the full framework matters because encryption alone does not constitute complete compliance with IRS WISP requirements. All six controls must be implemented together, documented in your Written Information Security Plan (WISP), and reviewed annually.

Drive encryption — the sixth and final component — protects data at rest on every device a tax practice uses, from primary workstations to USB drives and backup media. Without it, a stolen laptop containing tax software and client files becomes an identity theft resource regardless of how strong your Windows login password is. Physical access to the storage medium bypasses operating system authentication entirely, which is why encryption at the disk level is the only effective protection for lost or stolen devices, as confirmed by NIST Special Publication 800-111.

The Complete Security Six Components

Each of the six controls addresses a distinct attack vector. Implement them as a system, not in isolation:

  1. Antivirus Software — Real-time malware detection and removal across all systems
  2. Firewall Protection — Network traffic filtering and intrusion prevention
  3. Multi-Factor Authentication (MFA) — Secondary verification for all system and software access
  4. Automatic Security Updates — Timely patching of operating systems and installed software
  5. Data Backup and Recovery — Secure, tested backup procedures with verified restoration capability
  6. Drive Encryption — Full-disk AES-256 encryption for every device containing taxpayer information

For tax preparers who need a structured path to implementing and documenting all six controls, the Bellator WISP template for tax preparers includes pre-formatted documentation for each Security Six component, designed for IRS compliance reviews.

2026 Encryption Compliance Requirement

The IRS requires all tax preparers to have AES-256 full-disk encryption enabled on every device storing taxpayer data as part of the Security Six framework. Firms without documented, verified encryption controls face PTIN review, FTC enforcement action, and potential state regulatory penalties. Encryption must be enabled — not just purchased — and documented in your WISP before the 2026 filing season begins.

AES-256 Encryption: What Tax Professionals Need to Know

The Advanced Encryption Standard (AES) with 256-bit keys is the cryptographic algorithm required for Security Six encryption compliance. Adopted by the National Institute of Standards and Technology (NIST) in FIPS 197, AES-256 provides the same protection used to secure U.S. government information classified at the Top Secret level.

The "256" in AES-256 refers to the encryption key length. With 256-bit keys, there are 2256 possible key combinations — approximately 1.1 × 1077. Brute-force attacks against properly implemented AES-256 are computationally infeasible with any current or near-future technology. This matters to tax professionals because it means a device encrypted with AES-256 remains effectively protected even if physically stolen — the data cannot be accessed without the correct key.

For tax professionals, the encryption process is entirely transparent once configured. You enable BitLocker or FileVault once, and the operating system handles all encryption and decryption automatically as you work. Tax software such as Drake Tax, Lacerte, ProSeries, and TaxAct operates normally on encrypted drives — encryption works below the operating system level, intercepting data as it is written to disk and decrypting it on read-back, invisible to any application running above it.

This is why encryption is fundamentally different from — and far stronger than — password-protecting a file or folder. For a deeper comparison of data protection approaches, see our guide on hashing vs. encryption. Learning how to encrypt client tax data correctly means understanding that file-level passwords provide almost no protection against a determined attacker with physical access to your storage media — full-disk encryption does.

How to Encrypt Client Tax Data: Implementation Roadmap

1

Inventory All Devices and Storage Media

List every workstation, laptop, USB drive, external hard drive, and backup device that stores or has ever stored taxpayer data. This inventory becomes a required section of your WISP.

2

Enable Full-Disk Encryption on Primary Systems

Activate BitLocker (Windows 10/11 Pro) or FileVault (macOS) on each workstation. Verify cipher strength is set to AES-256 or XTS-AES 256-bit — do not rely on default settings.

3

Encrypt All External and Removable Storage

Apply BitLocker To Go to Windows USB drives and external hard drives, or use FIPS 140-2 validated hardware-encrypted drives for cross-platform environments.

4

Generate and Store Recovery Keys Securely

Create recovery keys for every encrypted device and store them in a fire-rated safe, enterprise password manager, or Active Directory escrow — never on the encrypted device itself.

5

Document Everything in Your WISP

Record each device's encryption status, cipher configuration, recovery key location, and responsible personnel in your Written Information Security Plan.

6

Test Recovery Procedures Annually

Verify at least once per year that recovery keys work and that staff know the procedure for reporting lost devices. Document the test date and outcome.

Windows BitLocker: Setup and Advanced Configuration

BitLocker Drive Encryption comes built into Windows 10 Pro, Windows 11 Pro, and Windows Enterprise editions at no additional cost. It integrates with the Trusted Platform Module (TPM) chip found in virtually all business-grade computers manufactured after 2016, providing hardware-based key protection and pre-boot authentication that satisfies IRS Security Six requirements.

For basic activation, navigate to Settings → Privacy & Security → Device Encryption, or search for BitLocker in Control Panel. The default BitLocker configuration may apply AES-128 in some system settings. Tax professionals should verify and enforce AES-256 through Group Policy to ensure full Security Six compliance — the default configuration is not always sufficient.

Advanced BitLocker Configuration via Group Policy

To configure maximum Security Six encryption protection on Windows tax workstations, open Group Policy Editor and apply these settings:

  1. Press Windows Key + R, type gpedit.msc, and run as administrator
  2. Navigate to Computer Configuration → Administrative Templates → Windows Components → BitLocker Drive Encryption → Operating System Drives
  3. Enable Require additional authentication at startup and configure TPM with startup PIN requirement
  4. Set Configure minimum PIN length for startup to 8 characters minimum
  5. Enable Allow enhanced PINs for startup to support alphanumeric PINs
  6. Under Choose drive encryption method and cipher strength, select XTS-AES 256-bit for Windows 10 version 1511 and later
  7. Configure Choose how BitLocker-protected operating system drives can be recovered to require documented recovery key storage outside Active Directory or local safes

These settings implement pre-boot authentication — requiring a PIN before Windows even loads — which prevents unauthorized access even when an attacker knows the Windows account password. This configuration satisfies both IRS Publication 4557 Section 10 and FTC Safeguards Rule §314.4(e) encryption requirements for data at rest. For firms managing multiple Windows workstations, managed endpoint security services can centralize BitLocker deployment and key management across your entire device fleet.

macOS FileVault: Enabling Security Six Encryption on Mac

macOS FileVault provides AES full-disk encryption on all Mac computers running macOS 10.13 (High Sierra) or later. FileVault 2 encrypts the entire startup disk using XTS-AES-128 with 256-bit total key length — a configuration that meets IRS Publication 4557 Security Six requirements. Modern Macs with Apple Silicon (M1, M2, M3, M4 processors) or T2 Security Chip also encrypt storage hardware by default at the chip level, with FileVault adding software-layer key management on top.

Independent benchmarking shows Apple Silicon Macs experience 0–1% performance impact from FileVault — within the margin of measurement error. Tax software including Drake Tax, Lacerte, ProSeries, and TaxAct produces no measurable difference in processing speed, e-filing, or PDF generation on any Mac manufactured after 2016. Encryption does not slow your practice down.

Enabling FileVault on macOS

  1. Open System Settings (macOS Ventura and later) or System Preferences on earlier versions
  2. Navigate to Privacy & Security → FileVault
  3. Click Turn On and authenticate with your administrator password
  4. Choose your recovery method: iCloud account (suitable for individual practitioners) or local recovery key (recommended for firms with multiple users and a documented key management procedure)
  5. Record the 24-character recovery key and store it per the key management procedures described in your WISP for small tax firms
  6. Allow initial encryption to complete — this may take several hours on large drives but can run while you continue working normally

For multi-user Mac environments, IT administrators can deploy FileVault at scale using Mobile Device Management (MDM) tools such as Jamf Pro or Apple Business Manager, both of which support centralized recovery key escrow — a feature that directly satisfies FTC Safeguards Rule §314.4(c)(4) documentation requirements for encryption key management.

If your practice uses both Windows and Mac systems, document each platform's encryption configuration separately in your WISP, including the responsible person for each device type and the recovery key storage location. The complete WISP creation guide covers encryption documentation requirements for mixed-platform environments in detail.

External Storage Device Encryption

Security Six encryption requirements extend beyond primary computers to every storage medium that contains taxpayer information. IRS Publication 4557 Section 10 specifically requires encryption of USB drives, external hard drives, portable SSDs, network-attached storage (NAS) systems, and all backup media. Any device capable of storing tax documents must be encrypted before receiving client data.

This requirement catches many tax practices off guard. A preparer may have full-disk encryption enabled on their laptop but transfer client files to an unencrypted USB drive for transport or backup — a direct compliance gap that creates exactly the exposure the Safeguards Rule is designed to prevent. The device that gets left in a car or lost at an airport is almost never the primary workstation; it is the external drive. Knowing how to encrypt client tax data on removable media is just as essential as protecting your main workstation.

BitLocker To Go for Windows External Drives

BitLocker To Go provides AES-256 encryption for removable storage on Windows systems using the same cryptographic protection as full-disk BitLocker. To encrypt an external drive: connect it, right-click in File Explorer, select Turn on BitLocker, choose password authentication, save the recovery key before completing setup, and let encryption finish. The encrypted drive can be unlocked on any Windows 10/11 Pro or Enterprise system with the password. One practical limitation: BitLocker To Go-encrypted drives are read-only on macOS without additional software, so cross-platform environments require a different approach.

Hardware-Encrypted External Drive Options

Hardware-encrypted external drives include dedicated encryption chips that perform AES-256 encryption independent of the host operating system. They work on Windows, macOS, and Linux without software installation and often carry FIPS 140-2 or FIPS 140-3 validation that strengthens IRS audit documentation. Common options used by tax practices include:

  • Apricorn Aegis Secure Key — PIN-authenticated USB drives, FIPS 140-2 Level 3 validated
  • Kingston IronKey D500S — FIPS 140-3 Level 3 validated with built-in brute-force attack protection
  • iStorage diskAshur PRO3 — External drive with integrated PIN pad and tamper-evident coating

Hardware-encrypted drives typically cost 40–80% more than standard external storage, but they eliminate OS compatibility issues, include physical brute-force protections, and carry certifications that support compliance documentation. These devices also pair well with a broader ransomware protection strategy — an encrypted offline backup remains unaffected even if network-connected systems are compromised.

Client Tax Data Encryption Compliance Checklist

  • Enable BitLocker (XTS-AES 256-bit) on all Windows workstations and laptops
  • Enable FileVault on all macOS systems and verify encryption status in System Settings
  • Encrypt all USB drives and external storage with BitLocker To Go or hardware encryption
  • Generate recovery keys for every encrypted device and store them off-device
  • Document recovery key storage locations and authorized access personnel in your WISP
  • Verify encryption cipher strength is AES-256, not the AES-128 default on some systems
  • Include an encrypted device inventory in your Written Information Security Plan
  • Train staff on encrypted device handling and lost device reporting procedures
  • Test recovery key procedures at least once per year and document the outcome
  • Review encryption documentation before each filing season for accuracy and completeness

Recovery Key Management: Where Most Tax Practices Fall Short

Generating encryption is straightforward. Managing recovery keys correctly is where tax practices most often fall short — and where the IRS and FTC focus their attention during compliance reviews. The FTC Safeguards Rule §314.4(c)(4) requires documented key management processes with written procedures, defined access controls, and audit trails for all encryption keys protecting covered consumer information.

Recovery keys are the emergency decryption mechanism when primary authentication fails: forgotten PINs, corrupted TPM chips, failed biometric readers, or access needs following an employee departure. Without properly stored recovery keys, encrypted data becomes permanently inaccessible. Tax practices have lost entire client databases because recovery keys were stored on the encrypted device itself, or in an unprotected email draft. Encrypted data without a recoverable key is simply lost data — your own security controls become your own data loss event.

Approved Recovery Key Storage Methods

Each storage method carries its own documentation requirements under the Safeguards Rule:

  • Fire-rated safe with dual-control access — Requires a documented authorization list specifying who can open the safe, plus a sign-in log for each access event
  • Bank safety deposit box — Requires documentation of authorized signatories and emergency retrieval procedures for access outside banking hours
  • Enterprise password manager with MFA — Options such as 1Password Business, Bitwarden Teams, or Keeper Business provide encrypted key storage with audit logs and role-based access control; logs satisfy Safeguards Rule audit trail requirements. See our guide to best password managers for tax practices for a detailed comparison
  • Active Directory or Microsoft Entra ID escrow — BitLocker recovery keys stored in Active Directory or Entra ID with centralized administrator access and an access log meet documentation requirements for Windows-managed environments

Whichever method your practice adopts, your incident response plan should document exactly who can authorize key retrieval and how to access recovery keys outside of normal business hours. Device failures and lost devices do not wait for convenient timing. Test recovery procedures at least once per year, document the outcome with the date and responsible personnel, and review key storage authorization lists whenever staff changes occur.

Bottom Line on Recovery Keys

A recovery key stored on the encrypted device provides zero protection. Store recovery keys in a physically separate, access-controlled location — fire-rated safe, enterprise password manager, or Active Directory escrow. The FTC Safeguards Rule requires written procedures and audit trails for every key access event. Without compliant key management, your encryption implementation fails on documentation grounds even if the technical controls are correct.

Encryption for Cloud Storage and Client Portals

Many tax professionals now store client documents in cloud services such as ShareFile, SmartVault, Canopy, or OneDrive. Cloud storage does not eliminate the need to understand how to encrypt client tax data — it shifts the responsibility to verifying that the cloud provider implements encryption correctly on your behalf.

IRS Publication 4557 and the FTC Safeguards Rule require encryption both at rest (stored data) and in transit (data moving between systems). Reputable tax-specific cloud platforms encrypt data at rest using AES-256 and transmit data over TLS 1.2 or TLS 1.3. Before using any cloud service for taxpayer data, confirm these controls exist in the vendor's security documentation and include that verification in your WISP.

Client portals present a specific risk: if a client uses an unsecured connection or a shared computer to access their portal, the data may be exposed on their end regardless of your server-side encryption. For a thorough review of portal security risks and controls, our guide on the security of tax client portals covers authentication requirements, session management, and the controls that distinguish secure portals from basic file-sharing tools.

For practices using cloud services alongside local systems, your tax cybersecurity solution should address both environments. Local devices still need full-disk encryption even when primary data lives in the cloud — tax software often caches client data locally, and downloaded files may persist on encrypted workstations but not on unencrypted ones.

Quantum Resistance, Long-Term Security, and IRS Audit Documentation

Tax professionals sometimes ask whether AES-256 will remain secure as quantum computing matures. According to NIST's post-quantum cryptography assessments, AES-256 remains secure against both classical and quantum computing attacks through at least 2035 and likely well beyond. Quantum computers theoretically reduce AES-256's effective security through Grover's algorithm, but the resulting 128-bit equivalent strength still provides sufficient protection for tax industry data throughout the practical lifecycle of any equipment you deploy today. NIST continues to recommend AES-256 for protecting sensitive data and requires no algorithm change for current Security Six compliance.

The asymmetric algorithms used in public-key infrastructure — RSA and ECDSA — face more significant quantum computing threats through Shor's algorithm, and NIST standardized post-quantum replacements for those beginning in 2024. For the symmetric encryption in BitLocker and FileVault, however, AES-256 represents a durable long-term investment that will not require replacement within the expected life of current hardware deployments.

What to Prepare for an IRS Encryption Compliance Audit

During an IRS or state tax agency compliance review, auditors typically request documentation showing your encryption controls are real, configured correctly, and maintained consistently. Prepare these records in advance so they are available on demand:

  • Device inventory — A current list of all systems subject to encryption requirements with verified encryption status for each
  • Encryption configuration records — Screenshots or Group Policy exports showing BitLocker cipher strength (XTS-AES 256-bit) or FileVault enabled status per device
  • Recovery key storage procedures — Written documentation of where keys are stored, who has authorized access, and how each access is logged
  • Annual testing records — Documentation that recovery procedures were verified, including dates, outcomes, and the names of responsible personnel
  • Staff training records — Evidence that employees received training on encrypted device handling and lost device reporting, with dates and attendees

All of this documentation belongs in your Written Information Security Plan. If your current WISP lacks encryption-specific sections, the Bellator all-in-one compliance package includes pre-formatted encryption documentation templates alongside a complete WISP. The PTIN and WISP requirements guide explains what auditors look for during IRS compliance reviews, including the encryption documentation that most practices are missing. For a broader overview of how encryption fits into your complete tax filing security strategy — including client portal security and secure data transmission — that guide covers the full picture for tax practices in 2026.

Get Your Free WISP Template with Encryption Documentation

Our WISP template for tax preparers includes pre-formatted encryption compliance sections for BitLocker, FileVault, and external storage — ready for IRS review.

Encryption as Part of Your Complete Security Program

Encryption is one layer of a defense-in-depth strategy. Tax practices that implement only encryption — without the other five Security Six controls — remain vulnerable to phishing, credential theft, and ransomware attacks that never need to touch disk-level encryption to steal taxpayer data. The controls work together: encryption protects data if a device is stolen; phishing awareness prevents credentials from being stolen in the first place; multi-factor authentication limits the damage when credentials are compromised.

Ransomware poses a specific threat that encryption alone does not address. Ransomware operators encrypt your data with their own keys — your BitLocker or FileVault protection does not prevent a ransomware attack, it only protects against physical theft. An encrypted backup stored offline and tested regularly is what actually protects a tax practice from ransomware data loss. For a detailed look at how ransomware targets tax professionals and how to defend against it, see our guide on what ransomware is and how it works.

The remote work security guide for small teams covers the additional encryption considerations for preparers working from home or satellite offices — including VPN requirements, home network security, and the WISP documentation requirements for remote work arrangements. As hybrid work becomes the norm in tax practices, encryption policies must account for devices that regularly leave the office network.

If your practice has experienced a data incident — or if you discover that encryption was not enabled on a device that contained taxpayer data — the data breach response guide explains the notification obligations under the FTC Safeguards Rule and IRS requirements, including the timelines that apply to tax preparers specifically.

What This Means for Your Practice

Encryption is required, not optional — every device storing taxpayer information must have AES-256 full-disk encryption enabled and documented. The IRS Security Six framework treats encryption as a baseline control, not an advanced measure. A practice that knows how to encrypt client tax data and has done so correctly reduces its breach liability, satisfies FTC Safeguards Rule requirements, and has the documentation to demonstrate compliance during an IRS review. Use the IRS Publication 4557 compliance checklist to verify every required control is in place.

Book a Free Tax Cybersecurity Assessment

Our security experts will evaluate your encryption implementation, WISP documentation, and Security Six controls — and provide a written report of findings and recommended next steps.

Frequently Asked Questions

Encryption is required for all tax preparers who handle taxpayer data, regardless of firm size. IRS Publication 4557 and the Security Six framework apply to solo practitioners and large multi-preparer firms alike. The FTC Safeguards Rule applies specifically to firms handling 5,000 or more consumer records annually, but the IRS WISP requirement — which includes encryption as a mandatory component — covers every licensed preparer. There is no size exemption for the Security Six encryption requirement.

The IRS Security Six framework requires AES-256 (Advanced Encryption Standard with 256-bit keys) full-disk encryption on all devices storing taxpayer information. This is implemented through Windows BitLocker (configured to XTS-AES 256-bit in Group Policy) or macOS FileVault. Software-level file encryption or folder passwords do not satisfy this requirement — full-disk encryption is required so that even physical access to the storage hardware cannot retrieve unencrypted data.

Yes. IRS Publication 4557 Section 10 explicitly requires encryption of all storage media containing taxpayer information, including USB drives, external hard drives, portable SSDs, network-attached storage (NAS) systems, and backup media. On Windows, BitLocker To Go provides AES-256 encryption for removable drives. For cross-platform environments, FIPS 140-2 or FIPS 140-3 validated hardware-encrypted drives work on Windows, macOS, and Linux without additional software.

Recovery keys must be stored separately from the encrypted device — never on the device itself or in an unprotected email. The FTC Safeguards Rule requires documented key management with written access procedures and audit trails. Approved storage options include a fire-rated safe with a dual-control access log, a bank safety deposit box with documented emergency retrieval procedures, an enterprise password manager with MFA and audit logging (such as 1Password Business or Keeper Business), or Active Directory / Microsoft Entra ID escrow for Windows-managed environments.

No. Modern hardware encryption has negligible performance impact. Independent benchmarking shows Apple Silicon Macs experience 0–1% performance difference with FileVault enabled. Windows systems with TPM chips perform BitLocker encryption using hardware acceleration, producing no measurable impact on tax software speed. Tax applications including Drake Tax, Lacerte, ProSeries, and TaxAct operate normally on encrypted drives. The encryption and decryption happen automatically at the hardware level without affecting application performance.

Cloud storage can satisfy the "data at rest" encryption requirement if the provider uses AES-256 encryption and you have documentation confirming this in their security attestation. However, cloud storage does not eliminate the need to encrypt local devices. Tax software frequently caches client data locally, and any downloaded files exist on the local device. Your WISP must address both cloud and local encryption controls separately. Verify that your cloud provider uses AES-256 at rest and TLS 1.2 or 1.3 in transit, and include that documentation in your WISP.

For an IRS or FTC compliance review, prepare: a device inventory listing all systems subject to encryption with verified encryption status; encryption configuration records (screenshots or Group Policy exports showing AES-256 settings); written recovery key storage procedures with access controls and audit trail documentation; annual recovery procedure test records including dates and responsible personnel; and staff training records showing employees were trained on encrypted device handling and lost device reporting. All of this documentation should be included in your Written Information Security Plan.

According to NIST's post-quantum cryptography assessments, AES-256 remains secure against both classical and quantum computing attacks through at least 2035. While quantum computers theoretically reduce AES-256's effective key strength through Grover's algorithm, the resulting equivalent strength remains sufficient for tax industry data throughout the practical lifecycle of current hardware. NIST continues to recommend AES-256 and requires no algorithm change for Security Six compliance. The public-key algorithms used in web certificates (RSA, ECDSA) face greater quantum risk, but those are separate from the disk encryption used in BitLocker and FileVault.

No. Encryption protects data if a device is physically stolen, but ransomware operates while you are logged in and the drive is already decrypted. Ransomware encrypts your accessible files using the attacker's keys. Your BitLocker or FileVault encryption does not prevent a ransomware attack — it only prevents data exposure from device theft. Protection against ransomware requires a combination of endpoint security, phishing-resistant multi-factor authentication, email security, and tested offline backups. An encrypted offline backup is the primary defense against ransomware data loss.

Penalties for non-compliance with encryption requirements come from multiple directions. The FTC can pursue enforcement actions against financial institutions (including tax preparers) that fail to implement Safeguards Rule controls, with civil penalties up to $51,744 per violation per day. State attorneys general may pursue parallel enforcement under state data protection laws. The IRS can refer non-compliant preparers for PTIN review and suspension. Additionally, a data breach resulting from missing encryption can trigger breach notification obligations, state regulatory investigations, and civil liability from affected clients.

Share

Share on X
Share on LinkedIn
Share on Facebook
Send via Email
Copy URL
(800) 492-6076
Share

Schedule

Need help with IRS compliance?

Our tax cybersecurity specialists can review your security posture and help you get compliant.

Protect your tax practice from cyber threats

Schedule a free consultation to assess your firm's security posture.