On the 7th of March we attended the Xero Roadshow in London. We heard about the many excellent features Xero have built into their software to keep their users data safe, however, we also heard how low the uptake of those features remains. So, we felt it was time to highlight some of those key and easy to implement features and discuss the fundamentals for robust logon security. We’ll be running through passwords, two-step authentication and programmes that can remember your passwords for you.
Good practice for your passwords
“63% of confirmed data breaches leverage a weak, default, or stolen password”
We know, we know, you’ve probably heard it all before, however, secure passwords are just the beginning of a solid approach to security. A vital firm foundation on which all other security measures rely. The following three tips outline the basics of good practice for your passwords.
- Passwords should be changed regularly, ideally every month (you may want to automate this process, rather than rely on your staff remembering to take care of this task).
- They should contain at least one: upper case letter, lower case letter, number and special character, and be a minimum of 8 characters long.
- Passwords should never (ever) be written down or shared – if you struggle to remember the million and one passes that you hold for your everyday life, consider using a tried and trusted password management system – such as LastPass.
When we look to cloud accounting platforms, we can take Xero as a shining example of two step security done right. Their two-step authentication allows businesses to:
- Use your email and password alongside a unique code generated on your phone to overcome the prospect of stolen login details by phishing or malware.
- See who’s using two-step authentication in the company and more to the point, identify who’s not (they say that the weakest chain in any security link are humans and this may be a prime example)
Xero also provides users with other benefits that help monitor the security of your data:
- Check when and where you last logged in – and report any logins that don’t look right
- Benefit from an entire team of world-class security experts, as XERO are continually pushing their security efforts forward