How Xero is protecting your data

In this blog we answer your queries about how Xero is protecting your data.


When introducing new clients to Xero, we often get asked many questions.

• How secure is my data?
• Can unauthorised people access my banking information?
• Where is my data stored if I no longer have to backup my file?

Xero understands your concerns and ensures your data is guarded to the highest level.  They have invested heavily in protecting your sensitive financial information against unauthorised access and system failures.  As Xero is a cloud based system, it’s the hosting and service delivery infrastructure is supported by a world-class network, data and physical security environment.  At Xero, security is not a singular event, it is an ongoing process where they are continually evaluating and reinforcing their security policies and practices.

Here are some of the security precautions Xero takes to protect your data:

  • User access – Access to your Xero file is by invitation only and with a level of user permission nominated by you.  You can easily remove any users whenever you want.  If we do require Xero to access your file for support purposes, they too need to be invited to the file to be able to provide the support required, and it’s completely at your discretion.
  • User passwords – All users must choose a strong password and automatic lockouts are enforced when incorrect passwords and repeatedly entered.  Xero does not allow any internet browsers to save your login details to eliminate access from a stolen or compromised computer.  If you leave Xero unattended for an extended period of time, it will automatically log you out.
  • Backups – All customer data is backed up daily.  Continuous off site back-up service into a second facility allows for further real-time data protection.
  • Data protection – Xero retains multiple copies of customer data in multiple geographic locations for real-time data protection.
  • SSL – this ensures that your data is encrypted when in the Cloud.  This encryption is the same as that used in Internet Banking.
  • Firewalls & network security – External access to the servers is controlled by multiple layers of firewalls, intrusion protection systems & routers.  The internal computer networks of the Xero offices have no access to any customer data.
  • Third party audits & inspections – Xero’s security is reviewed regularly and audited by external specialists.
    Physical security – Access to the location of the Xero servers is restricted to authorised onsite staff and 24/7 onsite security guards.

How is Xero more secure than desktop software?

Ever had the frustration of your laptop crashing or gets stolen and you soon realise that all your data that was saved on your laptop is now gone?  Well with Xero, your data is no longer stored on your computer, which means that your data remains completely safe and unaffected if the above circumstances were to arise.

Also, by allowing your Accountant or Adviser secure access to your data within Xero, is more secure than emailing or mailing your accounting data files. 

Steps you can take to stay protected

Xero works very hard to secure your financial data, so here are some simple steps you can take to stay protected:

  1. Create a password nobody can guess.  Be cryptic or use multi-word pass phrases – easy to remember, hard to crack.
  2. Don’t share your password with anyone.
  3. Don’t write your password on a sticky note and attach it to your computer.
  4. Keep your browser software up to date.
  5. Make sure you only login at


Topics: Xero

Subscribe to Email Updates

Recent Posts