The IRS just issued the first in a series of “security tax tips” and while I think we can all agree that we can never talk too much about security, don’t you find it odd that a government organization which has already demonstrated its incompetence in backing up their Director’s email should think it has any business dishing out advice on security?
The more I’ve thought about this the more it’s bothered me. No matter what you think of the IRS, it has a crucially important job collecting revenue so that our government can operate, so shouldn’t that be what they should focus on? This foray into security is like going into a Post Office to mail a letter and finding they have auto repair shop set up and along with selling you stamps offer to change your oil.
Digging a little deeper it appears the Commissioner, Lois Lerner, is responsible for starting a whole security awareness campaign complete with having summit meetings and a collaborative group to fight tax-related identity theft. Again, all good intentions but as we all know, the road to hell is paved with good intentions. I wonder how much of our tax dollars are going into this little boondoggle?
As a security company we couldn’t agree more on the importance of improving computer security and security awareness, but is the IRS the right organization to do this and this really the best use of our taxes? This is what’s called “feature creep” in software development and “mission creep” in the military.
Allowing the IRS to lecture us on computer security is kind of like being a teenager and Uncle Morty being delegated to give us “the Talk”: It’s weird, inappropriate, and we all know that Uncle Morty’s last date was in 1963 so he’s hardly up-to-date on how things really work.
The IRS needs to focus on what their job is, stop spending our tax dollars on non-core functions, and leave security education to the professionals. And while they’re at it, clean up their act.
Am I wrong on this? Your thoughts?
This blog post was actually not written by David Griffith so please do not audit him as he is just the CEO of Azstec LLC, the creators of docNCRYPT, the incredibly simple document security solution for everyone. If you have any comments or questions, email David at dgriffith [at]azstec.com and follow the Azstec Blog or on Twitter or LinkedIn.
Try our free 30-day trial of the docNCRYPT Outlook Plugin to see how simple it is to protect your email and confidential documents (particularly those tax documents and that SSN of yours).
Photocredit: Wikimiedia Commons