Security & Compliance

Bank-level security, data encryption, and compliance with Australian regulations. Your client data is protected with enterprise-grade security.

Bank-Level Security

Your client data is protected with enterprise-grade security. We use bank-level encryption, Australian data centers, and comprehensive access controls to ensure your data is safe and compliant.

Security Features

Multi-Factor Authentication (MFA)

TOTP-based two-factor authentication (2FA) with time-based one-time passwords. Users can enable MFA using authenticator apps, with recovery codes provided for account recovery. Enhanced security for all user accounts protects against unauthorized access even if passwords are compromised.

Single Sign-On (SSO)

Microsoft Azure AD integration for seamless and secure authentication. Enterprise-grade SSO support allows practices to manage user access through their existing Microsoft identity provider. Supports conditional access policies and centralized user management.

ISO 27001 Aligned Security Practices

Follows ISO 27001 information security management standards. Our security practices are aligned with international best practices for information security management, including risk assessment, access control, cryptography, and incident management. Regular security audits ensure continuous improvement.

End-to-End Encryption

Bank-level encryption for data at rest and in transit. Your data is protected throughout its lifecycle with industry-standard encryption protocols. All network communications are secured with the latest encryption standards. Sensitive data is encrypted using enterprise-grade cryptographic methods.

Data Isolation

Practice-level data isolation ensures complete separation between practices. Each practice's data is isolated at multiple levels, preventing any cross-practice data access. Strict access controls and data segregation ensure that practices can only access their own client data, maintaining complete privacy and security.

Multi-Layer Server Architecture

Layered security architecture with multiple tiers provides defense in depth against threats. Different system layers are separated with strict network controls and access restrictions. Firewalls, intrusion detection, and continuous monitoring systems protect each layer of the infrastructure.

Australian Data Centers

All data is stored in Australian data centers, ensuring compliance with the Australian Privacy Act 1988 and data sovereignty requirements. Your client data never leaves Australian jurisdiction, meeting regulatory requirements for Australian accounting practices and tax agent software.

Role-Based Access Control

Granular permissions and role-based access controls ensure that only authorized users in your practice can access client data. You control who sees what. Custom roles can be defined with specific permissions for different functions, ensuring least-privilege access principles.

Comprehensive Audit Logs

Comprehensive audit logging tracks all access and changes to client data. Full audit trail for compliance and security monitoring. All user actions, data access, and system changes are logged with timestamps, user identification, and IP addresses for complete traceability.

Compliance & Standards

  • Compliant with the Australian Privacy Act 1988
  • ATO requirements for tax agent software
  • Australian Accounting Standards
  • Regular security audits and penetration testing
  • ISO 27001 aligned security practices
  • Data backup and disaster recovery procedures
  • Multi-factor authentication (MFA) support
  • Single Sign-On (SSO) with Microsoft Azure AD
  • End-to-end encryption with bank-level standards
  • Practice-level data isolation
  • Multi-layer server architecture
  • Australian data center storage

Data Protection

Backup & Recovery

Regular automated backups ensure your data is never lost. Our disaster recovery procedures ensure business continuity even in the event of system failures.

Access Control

Only authorized users in your practice can access client data. Fedix staff never access your client data without explicit permission for support purposes, and all access is logged.

Privacy

We comply with Australian privacy laws and accounting standards. Your client data belongs to you, and we never share it with third parties without your explicit consent.

Questions about security?

Our team is happy to discuss our security practices and answer any questions you may have.