Tax Day came and went with a bang this year when the IRS computer system meltdown halted the processing of millions of returns. Here’s what happened and what you can do to avoid a similar situation.
Let’s start with a quote from a tax practitioner who has to deal with the IRS website as a regular part of their practice.
“It’s a crapshoot everyday whether it’s going to work.”
Ouch. Is that the way you want to run your business?
We thought not.
Unfortunately for the IRS, the system crash just happened to fall on Tax Day.
It's still not clear on whether it was actually volume that did it, but either way - that made it super news-worthy, just like the Equifax hack.
What does the IRS system crash and the Equifax hack have in common?
Outdated system software which makes them extremely vulnerable to cyber-attacks.
In the case of the IRS, it was not a cyber-attack that caused the outage. It was a system failure due to outdated software that’s been kept on life support for many years, reportedly dating back to the 60s.
The glitch happened on a “newer” piece of hardware that was running the old software.
In fairness to the IRS, it’s been reported that they’ve been unable to obtain adequate funding for much needed technology upgrades. So they’ve band-aided it along with fingers crossed.
They’re not alone. We run into many clients who are stuck maintaining old systems.
More often than not, it’s often a proprietary, outdated software program that was purpose-built for the organization and has never been properly updated or replaced.
The issue with this is two-fold.
- The cost of maintaining outdated software is probably more than you think. It’s likely that newer, simpler and cheaper technology exists.
- Even if its off-the-shelf software from a reputable vendor, you’re still stuck with unsupported software, missing out on new features, suffering incompatibility issues, and unable to get IT security updates.
Which brings us to the Equifax hack.
In this case, having outdated software caused more than just a “glitch.”
And we’re not talking about a proprietary program built in the 60’s, we’re talking about a server that failed to be updated with current security patches that were readily available.
"Someone" neglected to ensure the latest patches and updates were completed, and there is nothing that hackers like better than finding old software with known vulnerabilities.
Like waving a red flag in front of a bull.
That’s why we talk non-stop about the benefits of automated monitoring and management of your IT infrastructure, which will ensure your servers and computers are always up-to-date.
Humans are known to forget. Just ask the IT security team at Equifax.
Moral of the story?
Make sure all of your systems, servers and computer applications are kept up-to-date with the latest software updates and patches as soon as they are available. Be sure to ask your IT service provider if you have this in place today.