Skip to Content


At MYOB CRM, we protect your data by using industry-leading practices and technologies. We ensure the management and monitoring of all our products and related services is ongoing, adapting where necessary to address changes in Information and Cyber Security Risk and Data Protection areas.

This page answers some of the frequently asked questions that you might have about security.

MYOB CRM takes the security of your data seriously.

If you have further questions, please contact us.

  • img-description
    Australian Data Storage

    All your data stored safely in Australia, under Aussie regulations.

  • img-description
    Unique customer databases

    Your data is not “mixed” or “shared” with other customers in any way.

  • Myob
    An MYOB Business

    MYOB CRM is owned by MYOB, so your business is in safe hands.

General Security

We have implemented security and password rules designed to keep your data more secure.

  • Two Factor Authentication – you can receive a code via email to confirm account ownership at logging on.
  • Secure Passwords – you can enable “complex passwords” which require combinations of letters and numbers.


MYOB CRM partners with leading cloud service suppliers who provide key infrastructure and hosting services.

  • MYOB CRM is hosted in Australia, in Microsoft Azure Data Centres. These data centres are world-class and certified to ISO Standards.
  • They’re the same data centres that products like MYOB and Office 365 use.


  • Each customer has their own unique database.
  • Your data is not “mixed” or “shared” with data from other customers in any way.

PCI Compliance

The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for the handling of credit card information. The standard was created to improve protection of cardholder data to reduce credit card fraud. MYOB CRM ensures compliance with PCI DSS for our payment card processing services.

  • Our credit card implementations have been implemented in such a way that card details are tokenised and stored with the card provider.
  • This means there are no PCI compliance issues for MYOB CRM, or our customers.


MYOB CRM complies with the Australian and New Zealand privacy laws. Our privacy policies set out information on how we collect, hold, use, and disclose personal information.

  • See the privacy link at the bottom of this page.


MYOB CRM will ensure proper and effective use of cryptography to protect the confidentiality and integrity of information according to its data classification.

  • MYOB CRM requires more recent web browsers with stronger versions of TLS/SSL.
  • The encryption is “end to end” meaning that all internal connections from our server are also encrypted.
  • MYOB CRM databases are all encrypted at rest.

Data Backup

Backups are stored in the Microsoft Azure production platform hosted in Australia.

  • Databases are backed up to the minute for 30 days.
  • Data is backed up every 15 minutes between our Sydney and Melbourne data centres.

Independent security testing

MYOB CRM engages external security vendors to technically assess our products both during and post-development. Assessments are aligned to the Open Web Application Security Project (OWASP) Application Security Verification Standard, which provides:

  • application developers and application owners with a yardstick to assess the degree of trust that can be placed in our online products; and
  • guidance to our product engineers about building security controls to satisfy application security requirements.
Back to top