JJStephens Posted December 16, 2024 Report Posted December 16, 2024 I recently turned sixty-ten (that's my way of dealing with what comes after 69). I used to think my memory wasn't what it used to be, but I don't recall it being a problem of late.  Some years ago I attended an IRS-sponsored webinar during which (I beleive) the speaker said the IRS does not permit tax preparers to store PII on Google Drive due to it's lack of security and in fact, could subject 230 preparers to fines if they do so. I've refused to do so ever since. My son is an IT pro. He tells me he knows of no such prohibition. I've searched and can find nothing on it. Am I simply mis-remembering? If any of you can shed any light on this for me I'd be ever so grateful. Quote
BulldogTom Posted December 16, 2024 Report Posted December 16, 2024 I don't have an answer but I will be interested to know if this is true. Tom Longview, TX Quote
mcbreck Posted December 16, 2024 Report Posted December 16, 2024 When did you have this webinar with the IRS? When it first started, Google Drive wasn't fully encrypted. Not the case today. Per my family member who works at Apple and a client who works at the FBI, you should assume they have full access to your files stored on their servers. Quote
JJStephens Posted December 16, 2024 Author Report Posted December 16, 2024 52 minutes ago, mcbreck said: When did you have this webinar with the IRS? When it first started, Google Drive wasn't fully encrypted. Not the case today. Per my family member who works at Apple and a client who works at the FBI, you should assume they have full access to your files stored on their servers. I don't recall when the webinar was but I do know it was at least 5 years ago. As to the second comment, it would seem that confirms the rationale for a ban on using it. Quote
Lee B Posted December 16, 2024 Report Posted December 16, 2024 Any cloud storage that you might use would be subject to the FTC law requiring MFA. 1 Quote
Medlin Software, Dennis Posted December 16, 2024 Report Posted December 16, 2024 For me, no online source is safe as is. What I mean is unless I have the ability to, and actually do, encrypt first, before the online source does their upload/storage, I do not consider it safe. IOW, I do not trust an online source to provide security, I assume my data will get compromised, so I have to secure it before posting. With the above said, I can then use ANY online source, as I only permit them to store data I have already secured. I have used many tools over the years, and storage locations. For online, at present, I sue my own servers, as well as AWS. The KEY is the software I use for file transfer, and the security method., I found Cobian Software meets my needs for automation and security. If one wants to also use a backup service, first spin the data through Cobian, then let the online service's software backup only the encrypted files you encrypted using Cobian. As a software dev, the trend is for each software to provide backup/storage, as it is much easier to support (rather than having to try to help those whose IT "expert" helped, or who paid a geek type company for "help"). Plus, the software dev knows what needs to be backed up, and will not skip something important. Remember, any security requirements apply to the DATA, not to the place you drop the data. And, MFA does not mean some sort of authenticator is required, just that an auth is one option. Quote
JJStephens Posted December 16, 2024 Author Report Posted December 16, 2024 4 hours ago, mcbreck said: When did you have this webinar with the IRS? When it first started, Google Drive wasn't fully encrypted. Not the case today. Per my family member who works at Apple and a client who works at the FBI, you should assume they have full access to your files stored on their servers. I don't recall when the webinar was but I do know it was at least 5 years ago. As to the second comment, it would seem that confirms the rationale for a ban on using it. On the other hand, I know that Google Drive now permits user-side encryption which presumably would enhance it somewhat. Quote
JJStephens Posted December 16, 2024 Author Report Posted December 16, 2024 I agree with Dennis that additional encryption is the only way to ensure security. I've used AWS in the past and recently looked into Varonis but haven't settled on anything yet. My original question was whether the IRS ever/still had a blanket prohibition about using G-Drive. My son uses it in his biz and has been encouraging me to consider moving there from the MS universe. Quote
Medlin Software, Dennis Posted January 10 Report Posted January 10 While my backup "game" was likely more detailed than 99.99% of the world, I stepped it up again this week. I added a NAS to my gadgets. As I discover and prove I am comfortable with what the NAS can do, I will be able to rid/repurpose a few gadgets. With proper encryption, you can leave your data on your front porch or even hand out USB sticks to your local hacker, and it will remain safe (maybe not against a group with national type resources and time, but those are not my concern at all). I doubt the IRS investigates or would want to take on an entity like Google by making a statement prohibiting using gDrive for storage. Few, if any, hacking groups are after the data you or I have, since what you have, even if it was 5000 clients, is worth their time. For me, I keep no card information, so hacking me would be a waste of time too. My concern is being able to get back to work in as short of time possible. 2 Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.