CS Professional Suite application security overview

Alerts and notices

The IRS mandates certain security measures in our software to help protect tax preparers and taxpayers. These security measures require you log in to any software related to the preparation of tax returns, so you and your staff must log in to your CS Professional Suite applications. The credentials you use depend on the CS Professional Suite products you have licensed. See the information below for more detail about CS Professional Suite security.

Note: These changes do not impact versions of UltraTax CS prior to 2016.1.0.

Multi-factor authentication: We strongly advise you to employ multi-factor authentication for additional security. To enable this added layer of protection, we have introduced the Thomson Reuters Authenticator mobile app, which can help firms meet industry-standard factors for authentication. What is multi-factor authentication?

Many of your online accounts or software applications are currently protected by a login and password. That password is a single factor in the authentication process — the only way that those applications or services confirm your identity. Unfortunately, passwords are easily stolen or hacked, which means that the accounts and data behind those passwords are at risk.

Multi-factor authentication adds at least one more layer of identity verification to the sign in process, so your protection against hacking and fraud attempts is stronger and more secure than simply using a password. An additional factor can take many forms, the CS Professional Suite products use the Thomson Reuters Authenticator app. Using the Authenticator app, multiple factors are required to verify your identity during the authentication process.

Important information about IRS security requirements

Per the IRS, software providers are required to implement the following security measures in all tax applications for professionals.

Logging in to CS Professional Suite applications

CS Professional Suite licensing determines the type of account that is used to log in to CS Professional Suite applications. Complete the steps below to determine which type of account is required for your firm.

  1. Open your CS Professional Suite application. 
  2. To determine which account type should be used to log in, review the sign-in screen configuration. Show me.

    To differentiate between CS Web and Onvio Thomson Reuters IDs, use the text below the sign in button.


    Need to create or manage accounts for your firm?.

    If your firm uses CS Web Thomson Reuters IDs, see Creating and registering CS Web Thomson Reuters IDs.

    If your firm uses NetStaff accounts, see Adding NetStaff CS user portals.

    If your firm uses Onvio Thomson Reuters IDs, see Add or update staff information.

  3. Log in with credentials for the required account type.

    You must have an Internet connection the first time you log in to a CS Professional Suite application on a workstation, so your credentials can be authenticated. After that initial authentication, logging in to your software does not require a constant Internet connection.

    More information - my Internet is down or I lost my connection.

    • If you lose your Internet connection while logged in to a CS Professional Suite application, you will not lose access to the software.
    • Logging in while disconnected from the Internet will allow you to work in the applications.
    • To ensure CS Professional Suite applications have access to the Internet, configure your Firewall and Internet Explorer settings.

    Note: An Internet connection is required for some operations in CS Professional Suite applications, such as electronically filing tax returns via UltraTax CS.

NetStaff CS and NetClient CS portals

If you use NetFirm CS, Virtual Office CS, or Software as a Service (SaaS), confirm that all staff members who use your CS Professional Suite products have NetStaff CS accounts. For details, see  Adding staff portals. You may also want to provide  information about strong passwords to your clients who use NetClient CS.

Internal notes

Internal help topics

Internal: Common questions for security and CS Web accounts

Internal: CS Web accounts- no contacts have Admin permissions assigned

Internal: Login credentials with multi-office or office share licensing

Internal: UltraTax CS & Fixed Assets CS security login workaround

Internal: Verifying application login credentials with EMS

Internal: Workflow for Accounting CS Bank Feeds multi-factor authentication

Internal training videos

Internal security training - Part 1 (approx 15 mins.)

Watch this video learn about updates coming soon to application security. This video was created to train staff in preparation for the November 7, 2016 communication (TL 30521) sent to customers about changes coming soon to their applications. 

Internal security training - Part 2 (approx 25 mins.)

Watch this video to learn how firms will complete the authentication process and (based on how applications are licensed) what the differences are in application login credentials.

Security and EMS (approx. 30 mins)

Watch this video to learn how to use EMS to verify what login credentials an external user should enter, if their CS Web Administrator has completed the security migration process, and if they have been given the correct permission level for access to CS Professional Suite desktop applications.