Security
This page covers simple best practices to help keep your AxleLedger workspace secure.
AxleLedger helps you organise workshop records, but good security also depends on how your team uses the platform day to day.
Important: If you believe your workspace or account may be compromised, contact support as soon as possible and take immediate steps to secure access.
Security basics
A good security routine usually comes down to a few key habits:
- only give access to trusted staff
- keep sign-in details secure
- upload only the files and data your workshop actually needs
- remove old access quickly
- act fast if something looks suspicious
1. Only invite trusted users
Only invite people who genuinely need access to the workspace.
Best practices:
- only invite trusted staff or authorised team members
- give higher roles only when necessary
- avoid making everyone an admin or owner
- remove access promptly when someone leaves the business
- review staff access regularly
- never let multiple people share the same account
A smaller, cleaner access list is easier to manage and safer.
2. Keep sign-in details secure
Every user should protect their own account.
Best practices:
- use a strong, unique password
- do not reuse passwords from other websites or services
- do not share passwords by message, email, or paper notes
- sign in only through official AxleLedger pages
- sign out on shared or temporary devices
- avoid leaving the app open on unattended computers
- enable additional account security measures (e.g. two-factor authentication)
If a device is shared in the workshop, make sure users sign out when finished.
3. Upload only data your workshop needs to keep
AxleLedger should only contain records and files that are relevant to your workshop operations.
Best practices:
- only upload documents that the workshop genuinely needs to retain
- do not upload highly sensitive personal data unless it is clearly necessary and you are authorised to store it
- avoid uploading unnecessary identity documents, financial details, or unrelated private information
- avoid storing duplicate copies of the same file unless there is a real business reason
- remove unnecessary files when they are no longer needed
- redact irrelevant information before uploading where possible
A good rule is: if the workshop does not need it to do its job, it should not be uploaded.
4. Be careful with notes and internal records
Free-text notes can easily become messy or overly sensitive if teams are not careful.
Best practices:
- keep notes professional and relevant
- avoid storing passwords, PINs, access codes, or account secrets in notes
- do not paste sensitive private information that does not belong in the system
- avoid recording information that is unrelated to the customer, vehicle, or service work
- keep customer and vehicle records accurate and linked correctly
Clean records are safer, easier to manage, and easier to delete when needed.
5. Keep devices and browsers secure
Workspace security is also affected by the computers and phones used to access the app.
Best practices:
- keep browsers and operating systems updated
- use device passwords, PINs, or screen locks
- avoid using public or untrusted shared devices where possible
- be careful on open public Wi-Fi networks
- keep antivirus or endpoint protection active where appropriate
- lock the screen when stepping away from a device
Even a secure app can be put at risk by an insecure device.
6. Watch out for suspicious activity
Stay alert for anything unusual.
Examples include:
- unknown users appearing in the workspace
- reminders, customers, vehicles, documents, or work logs being changed unexpectedly
- billing or subscription changes you did not make
- sign-in prompts you were not expecting
- suspicious emails, fake login pages, or messages asking for passwords
If something feels wrong, treat it seriously and investigate quickly.
7. If you think the workspace is compromised
If you suspect that an account or workspace may have been compromised:
- change the affected password immediately
- remove or disable any user access you do not recognise
- review recent changes in the workspace
- check billing activity for anything unexpected
- contact AxleLedger support as soon as possible
- keep a short note of what happened, when it happened, and which account may be affected
Acting quickly can reduce the impact of unauthorised access.
Urgent advice: If you suspect compromise, do not wait. Secure access first and contact support immediately.
8. Use least access necessary
Not everyone needs the same level of control.
Best practices:
- reserve owner-level access for the main business owner or trusted senior person
- give admin access only where it is genuinely needed
- use lower-access roles for staff who only need operational access
- review roles regularly as the team changes
This reduces the chance of accidental or unnecessary changes.
9. Keep your data tidy
Security is not just about blocking attackers. It is also about keeping data organised and limited.
Best practices:
- avoid cluttering the workspace with old or irrelevant files
- do not keep extra copies “just in case” unless needed
- link documents to the correct customer or vehicle
- keep reminders, work logs, and notes relevant to real workshop work
- delete records or files that are no longer needed according to your business and legal retention needs
The less unnecessary data you keep, the less risk you carry.
10. Staff security checklist
A simple checklist for day-to-day use:
- only invite trusted users
- never share accounts
- use strong passwords
- sign out on shared devices
- upload only necessary files
- avoid highly sensitive or unrelated personal data
- remove old staff access quickly
- report suspicious activity immediately
Related pages
Need help?
If you think your account or workspace may be at risk, contact support as soon as possible.
For full legal and policy documents, see the Legal page.