Keeping your MYOB Acumatica site secure

While MYOB Acumatica has security features to help keep your sensitive information safe, it is the responsiblity of every company using the software to maintain good security policies.

The MYOB Master Services Agreement (Enterprise) requires that companies follow the security policies on this page.

Don't share accounts

Even though they might seem convenient, sharing a single account among multiple users is a significant security risk. Shared logins are easily compromised, and make it difficult to track user activity and enforce security policies using user roles.

Every MYOB Acumatica user must log in using their own individual account.

Store passwords securely

Never write passwords on paper or store them on your computer in plain text (e.g. in a Word document or an emailed to yourself).

To keep track of your passwords, use a secure password manager like 1Password or KeePass.

Use two-factor authentication

Two-factor (or multi-factor) authentication (2FA) adds an extra layer of protection to your user accounts. Even if an unauthorised user gets access to your password, they can't access your account without access to your mobile device.

2FA is mandatory for payroll administrators and anyone managing personal information. We also recommend you enforce 2FA for all users.

To make sure all your users are set up to login with 2FA, see the Two-factor authentication articles on our knowledge base.

Lock your computer when you're away from your desk

Locking your computer when it's unattended helps prevent unauthorised access and keep sensitive information confidential.

All MYOB Acumatica users must lock their computers when leaving their desks.

Regularly rotate API credentials (client secrets)

To limit the potential impact of compromised API credentials, rotate them frequently. In the event of a security breach, this reduces the amount of time malicious actors will have access to your system.