Xero – Peace of mind with security
11th July 2017A potential worry to some businesses when contemplating cloud based accountancy software is how secure their information is. Today I am looking at the security measures Xero has put in place to give businesses peace of mind and protection.
Xero implement a wide range of procedures to make sure your information is safe.
Controlled Access
Only invited users have the ability to access your account. Whether you control your account or your Whiting & Partners representative does, only relevant users can access your details. Even Xero’s customer support staff cannot access your information unless you invite them to help.
Direct Bank Feeds
If these are available to your bank they can be a great way to save time. All information is directly sent from your bank account straight into Xero. The important thing to remember with direct feeds: they are a one-way feed. Xero has no access into your bank account, only to the information your bank supplies to them.
User authentication
Xero provide standard access to the Xero software through a login and password. In addition, they offer the option of using two-step authentication process. This provides a second level of security for your Xero account. It also means you are asked to enter a unique code generated by a separate authentication app on your smartphone. We recommend the two-step authentication as it reduces the risk of your Xero account being accessed if your password is compromised.
Data encryption
Xero encrypt all data that goes between your account and Xero use industry-standard TLS (Transport Layer Security) which protects all your personal and financial data. Your data is also encrypted at rest when it is stored on Xero’s servers and encrypted when they transfer it between data centres for backup and replication.
Secure data centres
Xero’s servers are located within enterprise-grade hosting facilities that employ physical security controls to prevent any physical access to the servers they house. These controls include 24/7/365 monitoring and surveillance, on-site security staff and regular ongoing security audits. Xero maintains multiple geographically separated data replicas and hosting environments to minimise the risk of data loss or outages. Xero’s Security team continuously monitors security systems, event logs, notifications and alerts from all systems to identify and manage threats.
These are some of the many procedures Xero has in place to insure your company’s information is safe from threats, both physical and cyber. If you would like any more information about Xero’s security procedures or would like to arrange a meeting with one of our Xero advisors, please contact me.
Disclaimer - All information in this post was correct at time of writing.