Back in the day, many independent tax preparer offices didn’t have much need for outside experts in order to carry out their work. As computers and networking came into common use, so did the need for more specialized knowledge.
Even then, though, a lot of smaller operations made do with the people on hand; tech-savvy staffers or proprietors were able to take care of most challenges. Occasionally, though, a computer specialist was needed to sort out the occasional thorny problem or malfunction. But once the issue was tackled, the office went on humming as usual.
Unfortunately it’s a different landscape now. Cybersecurity has become the new tech. The challenges got tougher and the stakes higher.
It’s time to bring in the other professionals.
With identity thieves and tax return fraudsters hiding in every blind alley on the internet, many tax preparers are hiring a cybersecurity professional in order to protect their offices and the data of their clients.
The security community understands the old “one size fits all” approach may not apply when constructing defenses for tax preparer offices. Every tax office is unique and may have their own concerns and needs. So when it comes time to hire your cybersecurity specialist, take time to ensure the potential team member knows what is important to you.
You’re not alone in the need for security help. Talk with other business owners or pros you trust to get their recommendations or references.
Remember that your decision will be based on trust. So choose someone with whom you feel comfortable discussing the safety and security of your business – and your clients.
Don’t be afraid to ask questions of your candidates. You deserve to know things such as how much experience they have in data protection. The IRS has some examples of questions a tax professional might pose to a potential cybersecurity specialist:
- How does ransomware work and what can we do to protect our systems?
- What are the best options to securely back-up data and why are those options the best?
- Do you have suggestions regarding the following: data encryption, malware, firewalls, disaster recovery and remote access tools?
- Have you ever created a security plan for a similar business?
- Can you do an assessment of my systems and processes to find vulnerabilities or weaknesses? If so, will you then provide recommendations to strengthen my security?
- Will you provide ongoing monitoring of my systems as security threats evolve? If so, how often do you recommend changes?
Once you’ve selected the specialist who is right for you, secure a written agreement or letter of engagement to ensure that both parties understand the terms of the agreement.
For additional information on what tax professionals can do to defend against cybercrime, check out Data Theft Information for Tax Professionals on IRS.gov.