ISO 27001 security standard compliance
Xero is certified as compliant with ISO/IEC 27001:2013, the premier global information security management system (ISMS) standard.Log in to download the ISO 27001 certificate
PCI DSS v3.2, SAQ A compliance
We comply with the Payment Card Industry Data Security Standard. We're a level 3 merchant & outsource card processing to level 1 providers.
Multiple layers of protection for data
We provide multiple layers of protection for the information you trust to Xero, including encryption when it’s transferred and stored.Learn more about data protection
Robust network and data centre security
Security controls protect access to and within our environment, including firewalls, intrusion protection systems and network segregation.
Multiple redundancy technologies for our hardware, networks and infrastructure help to keep Xero running if any component fails.