How secure is your accounting data?

Reading Time: 2 minutes

Accountants and tax specialists are responsible for clients’ financial information and in today’s world it has become more necessary than ever to take certain measures to prevent this data from being hacked and stolen. A data breach is among the worst things that can happen within the accounting profession as this will expose confidential information to unauthorised individuals and may put the company at risk. Luckily, with Cloud Accounting software like Xero, you can rest assured that your accounting data is protected.

How Xero protects your data

Xero is serious about its clients’ data protection. They are certified as compliant with ISO/IEC 27001:2013 which is globally recognised as the premier information security management system (ISMS) standard. To achieve this, Xero developed and implemented a robust security management program, including a comprehensive Information Security Management System (ISMS).

To protect their clients’ data, Xero has implemented multiple layers of protection for both personal and financial information. Some of the security measures taken to ensure privacy, include:

  • Clients control access to their accounts

As a Xero account holder, you control access to your account and have the flexibility to invite users to collaborate on your data. Besides giving users access to your account, you can also control what they can see and do. Not even Xero’s support staff have access to your private information unless you invite them to help.

  • User authentication

Every Xero account receives standard access via a login and password. For added security, however, users have the option of using two-step authentication. This requires you to enter a unique code generated by an app on your smartphone when logging in – this option is recommended as it recues the risk of your account being accessed by unauthorised individuals.

  • Data encryption

All personal and financial data that is sent between you and Xero’s industry-standard TLS (Transport Layer Security) is encrypted. Furthermore, data stored on Xero’s servers are also encrypted, and when it is transferred between data centres for backup or replication, it is encrypted again, allowing clients complete peace of mind.

  • Network protection

To protect its network systems and data, Xero has implemented multiple security controls such as firewalls, intrusion protection systems and network segregation. They have also partnered with leading security merchants to leverage their expertise and global threat intelligence to protect your data.

  • Secure data centres

Xero’s servers are only located in premium grade hosting facilities that have implemented physical security measures to prevent physical access to the servers. These measures include 24/7/365 monitoring and surveillance, security personnel and regular security inspections.

  • Continuous monitoring

The Xero team goes to great lengths to monitor their security systems, while also keeping an eye on users’ event logs, notifications and alerts, enabling them to identify and manage threats as quickly as possible.