Back to Blog Home

How to Keep Your Clients' Data Secure

From cybercriminals to hurricanes, there are dozens of forces that could compromise your clients’ data. Here are 4 ways to keep that data secure.

1 min read



From cybercriminals to hurricanes, there are dozens of forces attempting to steal or destroy your clients’ data. It's important for your firm to devote enough resources to security to prevent private data from falling into the wrong hands or being lost altogether. Let’s look at four things you can do to make your firm more secure.

Ensure data is safe from threats

There are dozens of ways that your clients’ data can be stolen or damaged. This data can include customer financial records, details on their bank or investment accounts, and identifying information for debit or credit cards. Your tax firm’s important information can also be compromised if you don’t take precautions to keep it secure and protected. Your company is also responsible for other private data such as employee records, payroll information, and even regular correspondence.


By staying up to date with the latest risks and implementing safety features and practices, risks can be minimized. However, many companies are still not employing the proper tools to keep data safe. Cybercriminals frequently focus their attacks on small businesses like tax firms that usually have inadequate security features. In fact, according to the 2019  Verizon Data Breach Investigations Report, 43% of cyberattacks happen to small businesses. As a tax professional, you must be up to speed on how to keep your clients’ information safe in today’s world. 

Taking steps toward cybersecurity 

When it comes to cyberattacks, it’s difficult to stay ahead of the new developments and tools they employ. However, remaining complacent in the face of such threats is a big risk. You can never assume that your tax firm is too small or unimportant to become a target for cyberattacks. Fortunately, there are several things that you can do to keep data secure.

Become educated on scams

The single best thing you can do in your effort to keep your clients' data safe is to always stay up to date with the latest risks. Though the basics of security stay mostly constant, it is imperative that you know the details of the most likely security threats at any given time. After all, most security breaches happen when uninformed people are tricked into letting hackers in. Being up to date on the latest scam tactics could be the difference between being secure and getting scammed.

One of the best resources to help you stay abreast of information security trends is an IRS e-News subscription. The IRS sends out regular security tips and updates through its newsletters, including specifics about how you can avoid some of the latest cyberattacks and scams.


Use security software

Whether you employ someone to manage your computer systems or rely on yourself to do it, always install and update security software for your tax firm’s computers. There are plenty of companies that provide digital protection and they regularly update the software to keep up with the latest in cyberattacks. Make sure you and your employees perform regular updates once the software is installed for the best protection.

Rely on the cloud 

Not all data risks come in the form of nefarious international hackers. Data stored on your in-house servers or in file cabinets are subject to all kinds of other dangers. If your records are not kept in digital format, they can easily be lost in a fire or natural disaster. Data might also be destroyed by a simple power surge or roof leak at your office.

Keeping your data in the cloud helps mitigate all those risks and there are plenty of services out there that cater specifically to small businesses. Large web storage services go to enormous lengths to protect their servers both physically and digitally. You can benefit from another company’s cyber-expertise and keep all your digital data safe. Of course, not all cloud storage providers are created equal so do your research on selecting the best one for your needs. Providers that make security a priority will be able to keep your data safer than your own time and resources allow.

Rethink your passwords

Once upon a time, it was enough to create passwords from a random string of numbers, letters, and special characters as your password, change it at least every 90 days. However, as cyberattacks are more sophisticated than ever, creating a strong password is extremely important. Don’t be tempted to create a complex password that you won’t be able to remember, but also don’t use lazy passwords like “password,” “123,” or your pet’s name. 


Any password used by yourself and your employees should be long and memorable. The latest advice from experts on creating passwords with muscle is refreshingly simple—choose three or more random, unassociated words that you can easily memorize. Examples include “peacock television kettle scarecrow” and “ranger strawberry purple blanket.” Not only are these types of passwords easier for users to remember, but the longer password introduces more variables that are mathematically stronger than shorter random passwords.

Regulate employee access 

It may be hard to think about, but not all employees have the best interests of your tax firm in mind. To keep data secure, it’s important to place limits on employee access to certain types of data. You can work with experts on the best ways to store, collect, and access sensitive and personal information and what information needs to be shared and accessible to your employees. When an employee leaves your firm, avoid any trouble by changing passwords, especially those that access data in the cloud. Although you hope it would never happen, a disgruntled employee can easily steal, delete, or otherwise sabotage your tax firm’s data. 

No matter how large or small your tax firm is, you have any number of cases that contain sensitive information about your clients. It's important to take steps to minimize the chances of confidential client data reaching the wrong individuals or being lost altogether. When you focus on cybersecurity, you increase the odds of keeping that data private, as it should be.

Want to learn more about keeping your tax firm secure? Check out Is Your Practice Secure in the Cloud?

Leave a comment!