6th Sep 2021

Cloud Accounting Security: What You Need to Know

We know for some business owners, the thought of switching to cloud accounting is still daunting because of security concerns.

Fortunately, technology and online security have come a long way over the years, and now offer high levels of protection with minimal effort from you.

This blog explores cloud accounting security, what you need to know and how you can keep your accounts safe online, because we all need that extra peace of mind!

To start with, what is cloud accounting?

To put it simply, it’s using accounting software like Xero and Dext for accounting processes.

These types of platforms allow you 24/7 access to data as well as the ability to work on or review your accounts remotely.

The data produced within this software is securely stored within it, instead of on your physical laptop, computer, or memory stick.

And how is your data protected?


Encryption is the process of realigning or scrambling your text and data, so it’s unreadable. Only those with the correct access will be able to see the information in its true form.

Platforms like Xero and Dext use industry-standard TLS (Transport Layer Security) to encrypt data stored within their platforms. Cloud accounting software providers will also encrypt your data when it’s transferred within the platform and when it’s transferred outside of the platform for backup purposes.

Encryption helps keep your data safe as, in the event it’s accessed by someone outside of your organisation, it’ll be incomprehensible.

Firewalls and surveillance

 A firewall acts as a filtration system between your data and those who access it. You might not be able to physically see the firewall, but trust us when we say, it’s definitely there when you’re using cloud accounting platforms.

Xero takes it one step further, they use multiple layers of firewalls and monitor activity 24/7. So if anything looks suspicious or any attempts are made to overcome the firewalls in place, they know about it straight away.

Xero, as well as other cloud accounting software providers, will actively keep you in the know with any suspicious activity on your accounts. They’ll also let you know about the latest scams and phishing schemes so you can stay alert.

Two Factor Authentication

Many cloud accounting platforms offer further security through two factor or multiple factor authentication.

This process involves an additional step, or steps, when you log in to your account. When logging in to Dext, for example, you can use a password and username, as well as a security code which is generated in a separate app such as Google Authenticator or Authy.

You can also set Xero up to require multiple factor authentication. Xero has its own separate app, Xero Verify, which you can download to receive push notifications each time a login attempt is made. When you get the push notification, you’ll be able to confirm or deny the login request.

This helps keep your accounts safe as it means in the event someone obtains your username and password, they’re unable to use them to log in as the extra layer of security is needed. 

What can I do to stay safe?

Use strong, unique passwords which aren’t stored or used for other platforms.

Don’t use something that’s easy to guess or something that you use for another platform. If you struggle to remember your passwords, you can explore encrypted password storage managers such as LastPass or Apple Keychain.

Ensure the device and network you’re using is secure.

Complete your accounting processes on a locked or private broadband network, rather than an open, public network. Why? Public networks aren’t as secure. Ensure the device you use has its own security systems in place – also for that additional layer of security. 

Turn on two/multiple factor authentication.

As we explained above, the two and multiple factor authentication options give you extra security on logging in. If a platform offers it, use it!

Be aware, vigilant and educate your team.

Sadly, there are people out there who will try to obtain your login and other sensitive information via phishing scams and emails. Such emails normally contain links which will direct you to a web page which will ask you to enter your information. Or ask you to download software which will monitor your device without you knowing.

Always double check with the sender and what the email is asking before you click or enter anything. It’s very unlikely that your cloud accounting software provider will ask you to log in via a link or to reset any information randomly via an email. You can learn about known phishing scams over on Xero’s security noticeboard.

If you have a team working with you, make sure you implement and share best practice on internet, app and software use in general!

Thinking of switching to cloud accounting?

 We specialise in working with start-ups, scaling, digital and tech businesses. We’d love to hear from you, send us an email!