Protecting Your Office from an HR Data Breach: Tips for Tax Season


Hacking employee computers can put your company in danger.
Hacking employee computers can put your company in danger.

Today’s post is a very timely guest post from the folks at
Tax season is here, and over the next few weeks, you will be transmitting absolutely every financial detail about your company and its employees over the internet. Protecting this information is critical, and you need to ensure that you and your employees are updated on the safest internet protocol. Whether you are emailing receipts for business expenses or compiling social security numbers and other employee data for the tax forms, you need to have the know-how to sidestep a security breach.

Employee Education

Spending a few hours working in a coffee shop is standard for most telecommuters, and using the internet in hotels is a must for most business travelers. However, both situations can be risky. Before letting them fire up the company laptop in any public sphere, make sure that they are adequately trained on safety protocol.
When you sign into a public WiFi, anyone who is on the network at the same time can easily steal any data that you are transmitting. That includes usernames, passwords, social security numbers, and account numbers, as well as the text of emails. According to the Daily Telegraph, the threat of having this information compromised is just getting worse. To curb the threat, ensure that your employees are educated about the risks and willing to take the following precautions:

  1. Never log in to any websites that have a broken padlock.
  2. Ensure that the website has “https” instead of “http”–the “s” stands for secure.
  3. If possible, sign into a virtual private network.

Virtual Private Network

According to Cisco Systems, a virtual private network or VPN is an essential tool for businesses who want to keep their sensitive data safe while also providing their employees with a way to remotely access the company’s private network. The key component of a VPN is data confidentiality. When your employees sign into a VPN, everything that they send or access will be encrypted, and that makes a data breach nearly impossible.
You can build your own VPN with desktop software, dedicated hardware including a firewall, a dedicated VPN server, and a network access server. However, if you don’t have an IT team or the knowledge to set up your own VPN, you can use a turn-key solution like WiTopia. A VPN secures financial and tax details, but it also ensures that any HR details you send between computers can’t be compromised. Your employees need and deserve that level of security, and not providing it to them could turn into an HR nightmare. Imagine having an employee sue you because you accidentally compromised their social security number and exposed them to identity theft.

Damage Control

Unfortunately, regardless of how diligent you and your employees are, breaches can happen. However, it is important to note that many data breaches occur under the radar, and by the time you realize anything has happened, the damage has already been done.
If you have an identity theft monitoring service such as LifeLock in place, it will patrol the internet on your employee’s behalf, constantly looking for fraudulent credit card applications or other signs of an HR breach. In the event that your employee’s personal details do get compromised, you need a damage control plan. As soon as you realize that the breach has occurred, someone should identify the cause and the potential risks and enact a plan to contain the breach.

Leave a Comment

Pin It on Pinterest