Skip to content
← Share and support customer ideas for Xero

Settings and activity

1 result found

  1. Organisation setting - Ability to hide/delete the demo company

    235 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    submitted  ·  96 comments  ·  For small businesses » Settings & user roles  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    An error occurred while saving the comment
    Ashoka Reddy commented  · 

    Xero - you really are not listening to a reasonable request from your customers. This reflects a 'could-care-less' attitude.

    This is not a product idea. It is adding confusion and irritation and untidyness into the use of Xero for many businesses, accountants and consultants. Archiving a company and removing from the active company list, is the way it should be done in the first place.

    Demo data is by it's very nature, inaccurate, and once it's served its purpose, a company should be able to delete it, For inactive, old companies, the same is true, unless there are legal reasons and agreed data retention periods in place. Renaming these companies with a Z prefix so they appear at the bottom of the active company list is a joke. Preventing your customers to delete or archive the data on their own system after they have requested this from you, contravenes GDPR.

    Furthermore, Xero is adding to this 'couldn't-care-less' attitude with no acknowledgement or understanding of the impact of this design flaw. This is enough for existing customers to consider switching and complain about Xero, It has an impact on Xero brand reputation. Protecting this should be a top priority for the senior leadership team.

    It's not a matter of putting a glaring design flaw to the vote on your so-called product ideas page. Please escalate this to your senior leadership team. We expect courtesy, listening, and a reasoned decision on your intention. It's not good enough to say it's still not in the plan after so many years.

    Ashoka Reddy supported this idea  · 
    An error occurred while saving the comment
    Ashoka Reddy commented  · 

    Dear Xero team,

    You shared this so-called 'idea', 9 years ago!

    What is the purpose of voting on this "product-ideas-to-be-ignored" page?

    Having a Demo company on your customers' portals and not giving them the control to delete or hide it, is an Information Security risk and a serious system design flaw for any Software-as-a-Service (SaaS) application.

    It is an attack surface that is unmonitored and unadministrable from your customers' IT, Finance and Information Security teams.

    It should not be dismissed by putting up for a vote by your customers and then simply ignoring their annoyance, frustration and patience.

    This is not merely a product feature request idea. This is a User Interface and Information Security design flaw that needs to be addressed as soon as possible.

    All of your customers have a responsibility to demonstrate due care and diligence has been taken. On a demo system, there may well be live data, that has not been anonymized. Without proper governance of these demo systems, there's a good chance they will be non-compliant with GDPR regulations, and consequently at risk of heavy fines.

    In this state of affairs, Xero will not be trusted. Implementing the SOC 2 framework for information security controls for service organizations would be a good start for Xero to gain that trust.

    Respectfully,

    Ashoka Reddy
    fractional CTO and virtual CISO