Data security has become a very large, and very important, part of what we do in the income tax industry. That’s why it makes sense for every tax office—large or small—to hire a cybersecurity professional to help safeguard the business’ data and the data of their clients.
Choosing a security professional isn’t like shopping out of a catalogue; it should be done in person, face-to-face with the candidates. Every tax firm is unique, so tax practitioners should discuss their specific concerns with each security pro who seeks your business.
The first order of business in choosing the right cybersecurity professional for you, is to simply ask around. Talk to other business owners in your area or other tax pros for any recommendations or references they can give.
Next, if there’s more than one candidate, bring them in for an in-person interview. This is a very important step. Ask the candidates just how much experience they have in data protection. Here are some examples of some other questions to consider, courtesy of the IRS:
- How does ransomware work and what can we do to protect our systems?
- What are the best options to securely back-up data and why are those options the best?
- Do you have suggestions regarding data encryption, malware, firewalls, disaster recovery, and remote access tools?
- Have you ever created a security plan for a similar business?
- Can you do an assessment of my systems and processes to find vulnerabilities or weaknesses? If so, will you then provide recommendations to strengthen my security?
- Will you provide ongoing monitoring of my systems as security threats evolve? If so, how often do you recommend changes?
There may be additional questions to ask, based on your situation. Feel free to tailor any of the questions in our sample list to your specific operation.
Also, don’t overlook what used to be called “soft skills.” As the owner of the business, you’ll be looking to hire someone with whom you feel comfortable discussing the safety and security of your business and your clients.
The right candidate will also be able to relate to your staff, because the winning security pro will have to explain new hardware and procedures to you and your staff in a way that’s understandable. You speak taxes, but they speak security. Make sure you’ve got middle ground and understand each other.
Once you’ve settled on the best security professional for your tax office, secure an agreement or engagement letter so both parties understand the terms of the agreement and the work to be done.
For more information on hiring a security pro for your office, check out two sources from the IRS: Data Theft Information for Tax Professionals and Small Business Information Security: The Fundamentals.