Keeping your MYOB Acumatica site secure
The MYOB Master Services Agreement requires companies who use MYOB Acumatica to implement a number of basic security measures. Here's how to keep your site safe.
While MYOB Acumatica has security features to help keep your sensitive information safe, it is the responsiblity of every company using the software to maintain good security policies.
The MYOB Master Services Agreement (Enterprise) requires that companies follow the security policies on this page.
Security is your responsibility
Data security requirements can change quickly, and vary from company to company depending on industry and any number of other factors. Supplement the practices on this page with your own policies and regular security reviews.
For more information on best practice, take at these guides:
Don't share accounts
Even though they might seem convenient, sharing a single account among multiple users is a significant security risk. Shared logins are easily compromised, and make it difficult to track user activity and enforce security policies using user roles.
Every MYOB Acumatica user must log in using their own individual account.
Store passwords securely
Never write passwords on paper or store them on your computer in plain text (e.g. in a Word document or an emailed to yourself).
To keep track of your passwords, use a secure password manager like 1Password or KeePass.
Use two-factor authentication
Two-factor (or multi-factor) authentication (2FA) adds an extra layer of protection to your user accounts. Even if an unauthorised user gets access to your password, they can't access your account without access to your mobile device.
2FA is mandatory for payroll administrators and anyone managing personal information. We also recommend you enforce 2FA for all users.
To make sure all your users are set up to login with 2FA, see the Two-factor authentication articles on our knowledge base.
Lock your computer when you're away from your desk
Locking your computer when it's unattended helps prevent unauthorised access and keep sensitive information confidential.
All MYOB Acumatica users must lock their computers when leaving their desks.
Regularly rotate API credentials (client secrets)
To limit the potential impact of compromised API credentials, rotate them frequently. In the event of a security breach, this reduces the amount of time malicious actors will have access to your system.