Security

We understand that when you use Magnifi, you are entrusting us with one of your most valuable assets - the financial data of your company or client. We treat this responsibility very seriously.

While we can't publicise every detail of our security processes, we would like to provide a level of assurance by demonstrating a careful, pragmatic approach alongside some of the key tenets that we operate by.

#1 You own your data

We are in essence 'caretakers', looking after your financial data, in order to provide a service. We ensure that you have the controls necessary to manage access to your data.

When data is imported from cloud accounting systems (e.g Xero) we do not retain access tokens ensuring we can no longer access your company data through the accounting provider's API.

If at any time you wish to remove a company from Magnifi, you can simply delete the company from within Magnifi. The data will exist in our offsite backup for a period of time and then be removed ensuring no data remains with Magnifi.

#2 Security is ongoing

Security is not a 'set-and-forget' operation. At Magnifi we are continuously evaluating and reinforcing our security approach through an internal documentation & review process.

#3 Availability is important

The availability of your data is crucial to your use of Magnifi.

We encrypt sensitive data using 256-bit AES encryption and backup to a secondary secure location nightly.

This means that, in the event of a disaster or an outage at our primary datacenter, we can recover quickly and continue to provide Magnifi from a geographically redundant secondary facility.

Hosting & Physical Security

Magnifi is hosted on Amazon Web Services, a highly scalable cloud computing platform with end-to-end security and privacy features built in. Our team takes additional measures to maintain a secure infrastructure and application environment.

TLS

Transport Layer Security (TLS) is an encryption technology used to protect data as it travels over the internet (i.e the little padlock shown in your web browser). All Magnifi application communications are encrypted with 128-bit keys, providing a level of encryption comparable to that used by banks and financial institutions.

User access

Within each account, Magnifi provides for multiple levels of access to confidential customer data. You can add or remove individual users from your account whenever you want. Selected Magnifi staff can also access your data, for support purposes only, and only when you provide permission.

Passwords

Best practices are used in the transmission and storage of passwords within Magnifi. All users must choose a strong password. If you are inactive for an extended period while still logged in to Magnifi, you will be automatically logged out.

Data protection & backup

We backup customer data every night. We also retain a copy of a daily backup in a secondary geographic location to aid in disaster recovery company-specific data is kept separate through logical separation at the data tier, based on application-level access permissions and roles.

Privacy Policy

For more information on how Magnifi treats your personal information please see our Privacy Policy.

How can you stay protected?

Here are some simple steps you can take to stay protected:

  • Create a password nobody can guess, so no dictionary words or family names. Be cryptic or use multi-word pass phrases - easy to remember, hard to crack.
  • Don't share your password with anybody.
  • Dont write your password on a sticky note and attach it to your computer.
  • Keep your browser software up to date.

Copyright 2020 - Magnifi Pty Ltd | ABN 83 106 161 951 Powered by AWS Cloud Computing  

Website Uptime

User Agreement   Privacy Policy   Security   Beta v1.95