Skip to content

Securing your data

See also APES 305 Terms of Engagement disclosure requirement (from 1 July 2021) (Australia only)

We use industry-standard internet security measures to protect the information that's sent between your practice server and the MYOB Practice server, including:

  • TLS 1.2 encryption

  • oAuth authentication

  • security tokens

  • security is provided by Amazon Web Services.

The data request is initiated via MYOB Portal's API, which creates a secure path to your server to access the on-premise data, and then closes this path upon completion of the request. Requests are sent using the TLS 1.2 protocol, through port 443. RSA 2048 bit encryption is used.

Data storage

When you're using MYOB Practice, your desktop data stays exactly where it is now - in your practice or at your currently hosted location.

All data created and copied to the cloud is stored at Amazon Web Services Sydney region data centres. Security information is available regarding Amazon Web Services data centres. For specifics regarding data surrender to authorities, see the government rights of access section of Amazon Web Services.

For now, data flow between MYOB Practice and your practice server is one way. The MYOB Practice server simply views/reads the data directly from your practice server. No data is written back to your practice server.

Privacy Act considerations

MYOB has reviewed the ways in which it collects and handles personal information as a result of changes to the Privacy Act in Australia, to ensure that it continues to comply with its privacy obligations. Similarly in New Zealand, MYOB collects and handles personal information in accordance with the Privacy Act. 

Two-factor authentication

What can I do in MYOB Practice?

You can restrict access to your staff members by giving them permission to particular features in MYOB Practice.

If an employee's MYOB Login credentials are recorded in your practice database then that employee will have the ability to access MYOB Practice.

If you use MYOB AE, or MYOB AO (NZ only), any team security settings that you have applied in your practice database will still apply to this employee. Once your employees access MYOB Practice, they will only be able to see documents and tasks associated with the clients they have access to in their desktop software.

See also Restrict access to MYOB Practice (MYOB AE/AO users only).