Improvements Are Needed to Enhance the Internal Revenue Service’s Information System Security Controls

By Jean Hiefner

ICYMI: If you didn’t catch the management report Improvements Are Needed to Enhance the Internal Revenue Service’s Information System Security Controls (released on July 18, 2019), here is the information you need to know.

The report identified the following measures for implementation:

1. Use multifactor authentication for accessing certain applications in accordance with Office of Management and Budget (OMB) Memorandum M-11-11 and M-19-17.
2. Encrypt the email service in accordance with its policies
3. Enforce the requirement for using the appropriate certificates to electronically sign portable document format (PDF) documents, including certain tax documents

Read the Full Report

These recommendations are in line with government-grade best practices. Our Thursby Software solutions can solve each of the issues listed above. Here’s how:

• Customers can access secure, two-factor websites on their mobile devices through the secure Sub Rosa browser app. Sub Rosa works with derived credentials and authorized smart card readers to provide multifactor authentication according to the standard set by OMB Memorandum M-11-11. The PKard Toolkit utilizes this framework to provide multifactor authentication with a Common Access Card (CAC) or Personal Identity Verification (PIV) card to third-party applications through a royalty-free SDK.
• Included in Sub Rosa is a secure email client that allows access to Outlook Web Access (OWA) 2010, 2013, 2016, and OWA 365. Inside this client users can sign, encrypt, and decrypt emails according to federal policy.
• Thursby Software is in the process of developing a PDF signing feature which will allow customers to use digital certificates from a CAC, PIV, or derived credential to sign documents.

Contact us today at +1 817-478-5070 or sales@thursby.com to find out how we can quickly and efficiently help you keep your information secure.

Thursby is an Identiv company.