MYOB Security Commitment
MYOB takes the privacy and security of our clients’ business data very seriously.
We use and follow industry best practices, including:
- globally recognised ISO 31000 Risk Management Standard;
- security controls based on the ISO 27001 Information Security Management Standard;
- internal security team responsible for management and monitoring of all product suites and related services;
- use of a secured encrypted channel, for all communication, ensuring that the transmission of data between the computer/browser and the MYOB product is not compromised;
- compliance with Payment Card Industry Data Security Standard (PCI DSS) for the handling of credit card data; and
MYOB engages external security vendors to test our products both during and post-development. The testing uses the Open Web Application Security Project Application Security Verification Standard, which provides:
- application developers and application owners with a yardstick to assess the degree of trust that can be placed in our online products; and
- guidance to our product engineers about building security controls to satisfy application security requirements.
Banking security standards
MYOB BankFeeds feature uses the same security measures required of banks and other financial institutions when transmitting data. The MYOB client authorises their data supplier (typically a bank or other financial institution) to provide MYOB with transaction data relating to the client’s nominated account through a secure, integrated software linkage, direct between the supplier and MYOB. MYOB complies with PCI DSS which is a security standard set by the major credit card companies, in relation to our BankFeeds feature.
World class partners
MYOB partners with world class suppliers who provide key infrastructure and services, such as monitoring for suspicious activity, physical security, server and power redundancy, and built-in firewalls:
- Microsoft Azure production platform hosted in Australia
- For details about Security, Privacy, and Compliance in Microsoft Azure, please visit here.
- Microsoft Azure audits are performed as per http://azure.microsoft.com/en-us/support/trust-center/compliance/
- Amazon Web Services production platform hosted in Australia
- For details about Security, Privacy, and Compliance in Amazon Web Services, please visit here.
- Amazon Web Services audits are performed as per https://aws.amazon.com/compliance/
Read the MYOB Group Privacy statement.
To report a security vulnerability, please read the MYOB responsible disclosure statement.