Practice Management Our 5 best data security tips Read the Article Open Share Drawer Share this:Click to share on Twitter (Opens in new window)Click to share on Facebook (Opens in new window)Click to share on LinkedIn (Opens in new window) Written by Kiara Williams Modified Jun 15, 2022 4 min read We’ve said it before, and again and again and again: Hackers do not fight fair. They don’t care that tax season is in full swing—they don’t care that you are a two-person shop or sole proprietor. Actually, those are the qualities they look for in a cyberattack victim. Malicious hackers more often go after employees who are: Busy and distracted. Working for a small- to medium-sized business. Why? Because those two qualities mean that their victim is less likely to pay close attention to what they’re clicking on, browsing, or responding to. And a smaller-sized business or accounting firm is less likely to have the security defenses in place to catch a ransomware attack before it has the chance to wreak havoc. According to Verizon’s Data Breach Investigation Report, 43 percent of breach victims were small and medium businesses in 2020. Don’t let cyber attackers get away with this any longer. It’s your actions every single day that defend or allow a cyber breach to occur. Here are 5 ways you, an employee at any size business or firm, can reduce cyber attack risk, protect your data, and protect yourself. 1. Learn how to reduce your cyber attack risk Visit trusted websites, such as the National Institute of Standards and Technology, for free- or low-cost cybersecurity resources. Keeping data secure begins at the user level. According to the Verizon report, 33 percent of successful breaches involved phishing or social engineering in 2020. With a little education, we believe most of these breaches would’ve been unsuccessful. Make sure you’re taking the required security awareness training your IT department sends out (and pay attention to it!). 2. Change your password frequently Passwords should be complicated and changed often. Never share your passwords. Use a unique password for every account. Use password managers, such as LastPass, Keeper, or Dashlane. If you have a difficult time remembering passwords, try using a password management system. This article by PCmag.com lists the top 11 password managers to use in 2022. 3. Don’t trust your email Once in a while, a malicious email may slip through even the best security programs. My rule of thumb? I don’t trust any email without taking a closer look. Prevent phishing schemes by looking out for these email red flags: The email is from a colleague you rarely talk to. The email is riddled with grammatical and/or spelling errors. The sender’s email domain is something other than your company name. Pay extra close attention to this one, as sometimes hackers will snag a domain that’s indistinguishable from the one you’re used to at first glance, for example, @rightnetworks.com vs. @rlghtnetworks.com. The email is asking you to do something, for example, buy gift cards for vendors. The email implies urgency. 4. Enable multi-factor authentication wherever possible “If companies just [implemented multi-factor authentication], they would be exponentially more secure …” – Brian Grayek, Virtual Chief Information Security Officer, Cosant Cyber Security So, if multi-factor authentication is such obvious protection, why don’t more businesses implement it? According to Grayek, either they don’t know, or they think it’s high-cost and it’s too hard to do.” Simply put: It’s not. It’s not complicated from an infrastructure setup perspective. And from a user perspective, it adds about three extra seconds to my normal login procedures, and I was able to set it up myself at home. Tell your IT guys to implement it for an all-around, more secure workstation. Or enlist the help of managed service providers. Duo, Cisco’s user-friendly, multi-factor authentication product, is a component in our QuickBooks® Desktop hosting and Secure Workstation packages. The simple and effective method ensures that data and information can only be accessed by the user who is supposed to be accessing it. We believe in Cisco’s product so much that we’ve implemented it for our employees, too. Download our eBook, 3 Reasons Why You Should Use Multi-Factor Authentication Security, today. 5. Use the cloud’s built-in security Reputable cloud hosting providers use advanced threat detection to notice unusual system behavior. With cloud hosting, if a malicious hacker were able to enter your system and gain access to your data, data would be unreadable to them (as long as the cloud hosting provider uses data encryption technology, as we do). Further—victims of a ransomware cyber attack wouldn’t need to worry about paying any ransom to get their data back from the thief. Why? Because providers like us back up your data daily in case of accidental loss or deletion. The most important data security lesson of all … Maintaining data privacy is the responsibility of every employee, regardless of their title. By following the tips included above (and leveraging cloud technology to make maintaining your business’s data even easier), you are doing your part to keep data secure. Editor’s note: This article was originally published by Right Networks. Previous Post Security Is a must In a hybrid environment Next Post Top client accounting and advisory service resources Written by Kiara Williams Where to begin with this bio—My enthusiasm for LEGO kits? The collection of semi-complete art projects stacked in my office? Or how about my love of all things Harry Potter? Well, in a nutshell, that's me. But while building, crafting and learning about witchcraft and wizardry ultimately create my off-hour hobby carousel, I dedicate work time to writing for Right Networks and the accounting profession. My ultimate goal? Produce quality content (for the industry supporting us all) that does more than inform—it entertains. More from Kiara Williams Comments are closed. Browse Related Articles Practice Management Small business, smart cybersecurity Practice Management What is a VPN? (and 4 reasons why every tax professiona… Practice Management Moving to the cloud: Cybersecurity Practice Management Cybersecurity basics for the tax practice Tax Law and News How to Avoid the W-2 Email Scam Practice Management How to Update Your Tax Firm’s Data Safeguards Bas… Client Relationships 4 Tips to Help Your Clients Avoid Tax Season Phishing S… Practice Management Running a Security Checkup Client Relationships Help Your Clients Handle Identity Theft Tax Law and News March 31: What Employers Need to Know About Health Insu…