You use Microsoft 365, Google Workspace, Xero, MYOB, banking portals, WordPress, Shopify or social media for business
You use Microsoft 365, Google Workspace, Xero, MYOB, banking portals, WordPress, Shopify or social media for business.
Could someone get into your business accounts?
Check whether important business accounts like Microsoft 365, Google, Xero, banking, website admin and social media have extra login protection. Based on public ASD/ACSC Essential Eight guidance.

Use this when you want a practical business-owner answer, not a technical framework first.
You use Microsoft 365, Google Workspace, Xero, MYOB, banking portals, WordPress, Shopify or social media for business.
You are not sure whether every important account has two-step login turned on.
Staff, old staff or contractors may still share passwords or have access they no longer need.
Privacy: this checker runs in your browser and does not ask for sensitive details.
Tick the statements that are true or risky for your business accounts.
This check relates mainly to two-step login, admin access, and safer account management. In Essential Eight language, it supports multi-factor authentication and restricting administrative privileges.
Helps improve Essential Eight alignment step by step. This is a practical self-check, not a formal government certification or audit.
Email, accounting, banking and website admin accounts are usually high priority because they can affect money, invoices, customer trust and daily operations.
These basic checks help protect business money, files, customer records, staff devices and daily operations.
Need help setting up two-step login safely without locking staff out? Your IT & Tech Mates can help review and protect your key accounts.
Use the hub and related tools to check the other parts of your small business cyber safety setup.
Return to the hub and choose your business concern.
Start with the full five-minute check across logins, backups, updates, access and device safety.
Check two-step login and account access for email, cloud, accounting, website and social platforms.
Check whether files, invoices, records and job photos can be recovered if something goes wrong.
Review old accounts, admin access, shared passwords and contractor access.
Check whether computers, browsers, Office, accounting apps, POS systems and remote access tools are being kept up to date.
Check whether risky Office files, invoices, spreadsheets, supplier documents or attachments could put your business at risk.
Check browser updates, extensions, downloads, password saving, PDF readers, remote access apps and common unsafe app settings.
Prepare a plain-English evidence checklist for insurers, suppliers, clients or tenders.
Turn your answers into a simple action plan: first 3 fixes, this week, this month and later.
Your IT & Tech Mates can help set up two-step login, backups, updates, admin access, safer devices, and a plain-English cyber action plan for your business.
Start with business email, Microsoft 365 or Google Workspace admin accounts, accounting, banking, website admin and social media business accounts.
It can cause problems if rolled out badly. Plan staff communication, recovery options and admin backup access before turning it on everywhere.
No. This is a practical self-check based on public ASD/ACSC Essential Eight guidance, not a formal government certification or audit.