How to minimise the risk of your Xero account being compromised

StuartCloud Accounting

jason blackeye 198848

There are many benefits to using cloud accounting. Using cloud systems such as Xero delivers the flexibility of accessing your data from anywhere, at any time, and contrary to some belief, there can be a higher level of security than many small business networks.

That said, we don’t deny cyber crime is becoming more sophisticated with an alarming increase in phishing scams and malicious emails requesting sensitive information and credentials.

So it pays to be vigilant and minimise the chance of your financial data being compromised.


Two Factor Authentication

Two-Step Authentication verifies the identity of a customer logging into the Xero dashboard by requiring them to use their existing password and a second, unique code randomly generated by the Google Authenticator app on their smartphone, each time they log in.

The Two-Step Authentication means only the Xero user with access to that trusted device will be able to log in, making it difficult for unauthorised people to access the account.

Xero also offers trusted device recognition. You’ll be able to select “Remember me for 30 days” as an optional setting. If you select “Remember me for 30 days” you won’t need to perform the second authentication step on that device for 30 days.

Watch this video to see how to setup and use Two-step authentication.


Assurance Dashboard

This feature allows your advisor to perform a risk assessment through ‘the lens of the fraud triangle’; quickly preparing an audit trail of activity and revealing any unusual changes to a Xero file.

If you suspect fraudulent activity, simply let your 542 account manager know and we’ll review your Xero file via our assurance dashboard to detect what could be seen as fraudulent activity.


How Xero Protects Your Data


Xero works hard to protect your data with multiple layers of security:

  • Online backups are updated throughout the day, every day, and stored in multiple secure locations.
  • Data is encrypted using industry-standard data encryption and multiple layers of firewalls are in place.
  • All access to Xero data centres and servers are controlled and monitored 24/7, with regular security audits.
  • You control information access: No one has access to your organisation’s data unless you invite them.
  • You control who and what users can see and do in Xero.
  • Subject to our privacy policy, Xero doesn’t share your personal or financial information unless you give permission.
Are you looking for accounting systems you can trust? Talk to us to arrange a consultation.

Or check out our website for more information.


Love the blog? Subscribe to receive it fortnightly.


What do you think?

We would love to hear your thoughts! Feel free to submit your comments below or comment on our Facebook Page or Twitter.