MYOB takes the privacy and security of our clients’ business data very seriously.
We use and follow industry best practices, including:
globally recognised ISO 31000 Risk Management Standard;
security controls based on the ISO 27001 Information Security Management Standard;
internal security team responsible for management and monitoring of all products and services;
use of secured encrypted channels, ensuring that the transmission of data between your computer/browser and the MYOB product is not compromised;
compliance with Payment Card Industry Data Security Standard (PCI DSS) for the handling of credit card data.
compliance with the Australian and New Zealand privacy laws, including the Australian Privacy Principles (for more details, please visit MYOB's Group Privacy Policy here).
Independent testing
MYOB engages external security vendors to test our products both during and post-development. The testing uses the Open Web Application Security Project Application Security Verification Standard, which provides:
application developers and application owners with a yardstick to assess the degree of trust that can be placed in our online products; and
guidance to our product engineers about building security controls to satisfy application security requirements.
Banking security standards
MYOB BankFeeds feature uses the same security measures required of banks and other financial institutions when transmitting data. The MYOB client authorises their data supplier (typically a bank or other financial institution) to provide MYOB with transaction data relating to the client’s nominated account through a secure, integrated software linkage, direct between the supplier and MYOB. MYOB complies with PCI DSS which is a security standard set by the major credit card companies, in relation to our BankFeeds feature.
World class partners
MYOB partners with world class suppliers who provide key infrastructure and services, such as monitoring for suspicious activity, physical security, server and power redundancy, and built-in firewalls:
Microsoft Azure production platform hosted in New Zealand
For details about Security, Privacy, and Compliance in Microsoft Azure, please visit here.
Microsoft Azure audits are performed as per http://azure.microsoft.com/en-us/support/trust-center/compliance/
Amazon Web Services production platform hosted in New Zealand
For details about Security, Privacy, and Compliance in Amazon Web Services, please visit here.
Amazon Web Services audits are performed as per https://aws.amazon.com/compliance/
Read the MYOB Group Privacy statement.
To report a security vulnerability, please read the MYOB responsible disclosure statement.