For people switching to Wave from desktop accounting software like Quickbooks, being able to access your accounting anywhere, any time, is a pretty cool bonus.
That advantage is made possible by the fact that your accounting information is stored securely on Wave's servers, rather than on your own hard drive. And that, quite correctly, makes people want to know about security.
Here, in plain English, are my suggestions on what you should keep in mind for online services in general and Wave Accounting in particular.
The 3 Pillars of Online Security
1) DATA STORAGE Since we're all familiar with the idea of saving a computer file, the first thing most people think of is: Where do you save my data? A good online application will have servers that are protected both physically and electronically. Physically, is the server locked down tight in a building where only authorized people can get to it? And electronically, is it protected from hackers? Another element to consider: Are these servers backed up somewhere remote? For example, if there were a fire in the primary location, does your data live on somewhere else, so that you can continue doing business? WHAT TO DO: Make sure any service you use is taking the steps I've outline above. Of course, in the case of Wave: Our servers are physically secured at an undisclosed location; our servers are electronically secured; and your data is backed up so that you never need to worry about catastrophic loss.
2) DATA IN TRANSIT This one doesn't usually pop up on people's radar. The second link in online security is protecting your data as it moves back and forth from your computer to the servers. To use a football metaphor, basically you're protecting against an interception. When you hear things like "128-bit encryption," people are usually talking about data in transit. Most online banking and shopping services use 256-bit encryption to keep your information (like a credit card number) safe as it travels. Encryption basically means a code, and the higher the number of bits, the harder it is to crack the code. (According to some estimates, even if a hacker could try a billion billion times a second to break a 256-bit code, it would still take longer than the age of the universe to get through all the options.) WHAT TO DO: Any time you're going to send or receive sensitive information to a website or online service, make sure to inquire into the encryption they use. You also want to find some sort of certificate that these claims have been validated by an independent third-party. Wave Accounting uses 256-bit encryption, and our service and procedures are audited and verified by multiple third parties. Data in transit is also a consideration when you yourself email information. For most people, emailing sensitive documents to an accountant offers no encryption at all.
3) THE HUMAN FACTOR As with anything that's password protected and online, it's essential to keep your password safe. If you scribble a password on a Post-It note and leave it up on your computer monitor, you've obviously just made it a lot easier for someone to access your online accounts. It's like making sure you don't keep the PIN number for your ATM card in your wallet: that way if your wallet is stolen, the thief doesn't have all the tools needed to access your account. WHAT TO DO: Keep your passwords secure, and make them hard to guess. Don't share passwords. Change your passwords every few months. And just as importantly, when you use a service like Wave that allows multiple collaborators on one account, make sure all of your collaborators take these security measures, too.
If you have any questions about the security procedures in place at Wave Accounting, please contact us.