Category Archives: Security Updates

AN UPDATE FROM TAXLAB ON COVID-19 (CORONAVIRUS)

Last updated 22 March 2020

Taxlab Service Availability Is Business as Usual

We activated our Business Continuity Plan as a precautionary measure on 16 March 2020 and tested closure of our Auckland office and London working hub. We do not anticipate any issues in service uptime or support availability. To help you understand and gain assurance of our business continuity, please see further information below:

  • We provide software-as-a-service and continue our product development and delivery of service through the use of cloud applications. 
  • We have confirmed with external service providers to ensure they too, can continue to deliver to us.
  • We have full-time remote workers, and as such we are highly practised using remote collaboration and communication tools to ensure business as usual.
  • We do not expect any technology bottlenecks should we need all our staff to work remotely.
  • Our team will continue to be contactable via our Support Helpdesk, either via phone (0800 00 1035) or email (support@taxlab.online) and we continue to be committed to delivering high quality customer service. 
  • As March is traditionally a more intensive time of year for tax and finance professionals who navigate pending return filing dates and financial year end, we do anticipate our team to be very busy supporting your software queries. We thank you in advance for your understanding and patience and note that we will endeavour to respond as soon as possible.

We do not anticipate any significant changes to our business continuity plan or COVID-19 policies but as we navigate this dynamic landscape, any updates are likely to be made on this webpage.

Safety of Our People

We have implemented COVID-19 policies across our staff in NZ, Australia and UK. This includes:

  • Halting travel (domestic or international)
  • Declining face to face business meetings or events in favor of virtual meetings
  • Reinforcing good hygiene habits
  • Temporary closure of our Auckland office and London working hub to support Government reccomendations to work from home.
  • Encouraging all staff to take appropriate precautions in line with government recommendations as we continue to put the safety of each other first.

While we serve the needs of our customers, we will continue to work both at our offices and remotely at home in line with government mandates and advice.

Take Care

Our team remains committed to your success. We are well placed to continue business as usual and maintain the software service and support you expect from us.

We wish you, your family and your colleagues, good health and diligent hygiene as we look to overcome uncertain times.

Depreciated support for IE10

On 12 January 2016, Microsoft support ends for older versions of Internet Explorer.

Microsoft recently announced that, beginning next Tuesday, 12 January 2016, they will officially retire Internet Explorer versions 8, 9, and 10 for most Windows operating systems. This basically means the end of security updates and technical help for versions of Internet Explorer other than 11, the latest iteration. Internet Explorer has been living on borrowed time since Internet Explorer 11 rolled out in 2013. Its officially the last version with Microsoft now focused on the Edge browser that comes with Windows 10 instead.

Changes to TaxLab minimum requirements

TaxLab will officially be shifting its minimum requirements from Internet Explorer 10 to Internet Explorer 11 from 12 January 2016 in line with Microsoft. While it’s likely that TaxLab will continue to work in Internet Explorer 10 for some time yet, but we will not be optimising our code for it due to its obsolescence and TaxLab features will eventually stop working as well as they should.

What you should do

If you are using an earlier version of Internet Explorer, please update to a modern browser. We recommend using Google Chrome, but also support Mozilla Firefox, Microsoft Internet Explorer 11 and Microsoft Edge. Please contact us on 0800 00 1035 or support@taxlab.co.nz if you would like to know more.

The poodle bug

What is the Poodle bug

A security vulnerability named Poodle Bug was recently identified in an old version of SSL (SSLv3). This may impact some older browsers, which are unsupported by TaxLab. The Poodle Bug is registered in the Common Vulnerabilities and Exposures system as CVE-2014-3566.

Was TaxLab affected

The Poodle Bug only affects older web browsers that TaxLab does not support. In theory this should mean that you were not impacted as it is unlikely you will have been able to use TaxLab from an older unsupported browser.

Actions we have taken

Any time there is a potential threat to the TaxLab system, we conduct a security review. This includes understanding the threat in detail and its potential impact on the TaxLab system and our users. We have disabled SSLv3 for all users of our tax software to ensure they are not vulnerable to this issue (including our tax provision software, income tax return software and FBT software). This should not impact your use of TaxLab as, again, it only affects older unsupported browsers.

What you should do

Keep your web browser up to date as older browsers are more vulnerable to attacks and bugs.

In general, we remind you that its good practice to regularly change any passwords that you use online. You should also use a different password for each site that you use. In particular, you should regularly change your online email password. You should also enable multi-factor authentication if it is available.

If you would like to know more about TaxLab’s response to the Poodle Bug please contact us any time. We don’t publish all of our security precautions (as this would inherently be a poor security practice). However, we would be happy to discuss some of our security precautions with you and how we mitigate risks.

The heartbleed bug

What is the Heartbleed Bug

The Heartbleed Bug is an OpenSSL security flaw that was announced in April 2014. It has since gained a lot of media publicity. The Heartbleed Bug is registered in the Common Vulnerabilities and Exposures system as CVE-2014-0160.

Was TaxLab affected

No. We predominantly use Microsoft technologies including Microsoft Azure, which does not use OpenSSL. As such, TaxLab has been unaffected by the Heartbleed bug. We can assure you that your TaxLab data was not at risk from the Heartbleed Bug. This includes our Tax Provision Software, Income Tax Return Software and FBT Software.

Actions we have taken

Any time there is a potential threat to the TaxLab system, we conduct a security review. This includes understanding the threat in detail and its potential impact on the TaxLab system and our users. We have evaluated Microsoft’s response and release of information regarding Microsoft Azure and Heartbleed. We can rely on their systems as unaffected.

What you should do

While TaxLab was not vulnerable, other services that you use from other companies may have been impacted. If you use the same password for TaxLab as other websites or services, we recommend you change your TaxLab password immediately. Beyond that, no further action is necessary in respect of TaxLab’s tax software system.

In general, we remind you that its good practice to regularly change any passwords that you use online. You should also use a different password for each site that you use. In particular, you should regularly change your online email password. You should also enable multi-factor authentication if it is available.

If you would like to know more about TaxLab’s response to the Heartbleed Bug please contact us any time. We don’t publish all of our security precautions (as this would inherently be a poor security practice). However, we would be happy to discuss some of our security precautions with you and how we mitigate risks.