Our 5 best data security tips

We’ve said it before, and again and again and again: Hackers do not fight fair. They don’t care that tax season is in full swing—and they don’t care that you are a two-person shop or sole proprietor. Actually, those are the qualities they look for in a cyberattack victim.

Malicious hackers more often go after employees who are:

• Busy and distracted.
• Working for a small- to medium-sized business.

Why? Because those two qualities mean that their victim is less likely to pay close attention to what they’re clicking on, browsing, or responding to. And a smaller-sized business or tax firm is less likely to have the security defenses in place to catch a ransomware attack before it has the chance to wreak havoc.

Don’t let cyber attackers get away with this any longer. It’s your actions every single day that defend or allow a cyber breach to occur.

Here are 5 ways you, an employee at any size firm, can reduce cyberattack risk, protect your data, your clients’ data, and protect yourself.

1. Learn how to reduce your cyberattack risk

• Visit trusted websites, such as the National Institute of Standards and Technology, for free- or low-cost cybersecurity resources.

With a little education, we believe most of these breaches would have been unsuccessful. Make sure you’re taking the required security awareness training your IT department sends out, and pay attention to it, or if you are in a smaller firm without a dedicated IT team, find training on your own.

2. Change your password frequently

• Passwords should be complicated and changed often.
• Never share your passwords.
• Use a unique password for every account.
• Use password managers, such as LastPass, Keeper, or Dashlane.

If you have a difficult time remembering passwords, try using a password management system. This article by PCmag.com lists the top 11 password managers to use.

3. Don’t trust your email

Once in a while, a malicious email may slip through even the best security programs. My rule of thumb? I don’t trust any email without taking a closer look.

Prevent phishing schemes by looking out for these email red flags:

• The email is from a colleague you rarely talk to.
• The email is riddled with grammatical and/or spelling errors.
• The sender’s email domain is something other than your company name. Pay extra close attention to this one, as sometimes hackers will snag a domain that’s indistinguishable from the one you’re used to at first glance, For example, @rightnetworks.com vs. @rlghtnetworks.com.
• The email is asking you to do something such as buy gift cards for vendors.
• The email implies urgency.

4. Enable multi-factor authentication wherever possible

Multi-factor authentication is not difficult to implement. It’s not complicated from an infrastructure setup perspective. And from a user perspective, it adds about three extra seconds to my normal login procedures. In fact, I was able to set it up myself at home.

Tell IT consultants to implement it for an all-around, more secure workstation. Or enlist the help of managed service providers.

Duo, Cisco’s user-friendly, multi-factor authentication product, is a component in our QuickBooks® Desktop hosting and Secure Workstation packages. The simple and effective method ensures that data and information can only be accessed by the user who is supposed to be accessing it.

We believe in Cisco’s product so much that we’ve implemented it for our employees, too.

Download our eBook, Security Benefits Multi-Factor Authentication

5. Use the cloud’s built-in security

• Reputable cloud hosting providers use advanced threat detection to notice unusual system behavior.
• With Hosting for Intuit® Lacerte® Tax and ProSeries® Tax, if a malicious hacker were able to enter your system and gain access to your data, data would be unreadable to them, as long as the cloud hosting provider uses data encryption technology, as we do.
• Further—victims of a ransomware cyber attack wouldn’t need to worry about paying any ransom to get their data back from the thief. Why? Because providers like us back up your data daily in case of accidental loss or deletion.

The most important data security lesson of all …

Maintaining data privacy is the responsibility of every employee, regardless of their title.

By following the tips included above (and leveraging cloud technology to make maintaining your business’s data even easier), you are doing your part to keep data secure.

Editor’s note: This article was originally published by Right Networks. It was updated with new information on August 5, 2025.