MYOB Security Commitment

MYOB takes the privacy and security of our clients’ business data very seriously.

We use and follow industry best practices, including:

  • globally recognised ISO 31000 Risk Management Standard;
  • security controls based on the ISO 27001 Information Security Management Standard;
  • internal security team responsible for management and monitoring of all product suites and related services;
  • use of a secured encrypted channel, for all communication, ensuring that the transmission of data between the computer/browser and the MYOB product is not compromised;
  • compliance with Payment Card Industry Data Security Standard (PCI DSS) for the handling of credit card data; and
  • compliance with the Australian and New Zealand privacy laws, including the Australian Privacy Principles (for more details, please visit MYOB's Group Privacy Policy here).

Independent testing

MYOB engages external security vendors to test our products both during and post-development. The testing uses the Open Web Application Security Project Application Security Verification Standard, which provides:

  • application developers and application owners with a yardstick to assess the degree of trust that can be placed in our online products; and
  • guidance to our product engineers about building security controls to satisfy application security requirements.

Banking security standards

MYOB BankFeeds feature uses the same security measures required of banks and other financial institutions when transmitting data. The MYOB client authorises their data supplier (typically a bank or other financial institution) to provide MYOB with transaction data relating to the client’s nominated account through a secure, integrated software linkage, direct between the supplier and MYOB. MYOB complies with PCI DSS which is a security standard set by the major credit card companies, in relation to our BankFeeds feature.

World class partners

MYOB partners with world class suppliers who provide key infrastructure and services, such as monitoring for suspicious activity, physical security, server and power redundancy, and built-in firewalls:

Read the MYOB Group Privacy statement.

To report a security vulnerability, please read the MYOB responsible disclosure statement.