Some businesses (like pawn shops) which are required to report to the national anti-theft database (LEADS Online) are prohibited by federal law from operating their shops in the cloud because of the security risk.
Before jumping off into the unknown, determine if you really want to take on the responsibility of putting your customers' information out there for hackers to steal. Irate customers aren't going to blame the hacker. They'll be chastising you for buying into the meaningless guarantees proffered by the individual who sold you on placing your data on his 'cloud computer'.
The Chinese routinely break top-secret crypto analytic U.S. computer codes to access our national secrets. Trust that hackers looking for current phone numbers, addresses and email addresses can tap into Joe Blow's rented computer with some flimsy SSL certificate.
"But he guaranteed my data is secure." He's not in control of the situation and has no basis for assuring anyone that the computer he has rented can't be accessed. Computers on the Internet are interconnected and can be accessed even over commercial security protocols.
Furthermore, guarantees have backing. The vendor is operating as an LLC (Limited Liability Company) hoping to protect his assets from his baseless guarantees.
This isn't fear mongering. It's the real world.
If your business were 'web-based' you would open the door to your shop every morning hoping these things work:
When asked for a backup plan when it's not possible to reach the remote server, one vendor suggested connecting to his server using a cell phone.
It is a fact that you are being trusted with your customers' personal information. Wouldn't be good to get tarred and feathered because you decided to float that data through space.
Web-based software has your data stored on what? The answer is: "We don't know!" A computer, probably in another state, located where you don't know, owned and operated by whom? and protected by what if anything? Blind trust that the guy getting $1800 a year from you and everyone else who bought in, is qualified to occupy his position, has made good decisions, can possibly control unforeseen circumstances and events.
Accumulating and entering data into a software program often takes hundreds of hours at a substantial cost to businesses. Those data files are worth the time it would take to recover and reenter all of that information again, yet using cloud software entrusts the safety and integrity of that data to someone you've never even met. Whoa boy.
Data security happens when you secure it - in your shop on a computer not connected to the Internet. That's the way to protect your customers' privacy and assure continuity of your business data. Anyone trying to convince you otherwise has dollars in his eyes.
When web-based software first came out, it sounded great, mostly because there was an appeal to be able to work from home (or anywhere), even if just to check in. Of course the alleged benefits were loudly heralded and the security risks were totally played down if mentioned at all.
Here's an economical and safe way to gain mobility and enjoy some of the freedom of web-based software without sticking your neck in a noose:
There are several free programs (LogMeIn, GoToMyPC, Team Viewer) available for accessing the shop computer from any other Internet-connected computer, laptop or handheld device. Just leave the shop computer on, use the username and password provided by the remote service to access the shop computer and operate it just as though you we sitting in front of it.
This method is free. It won't have all of the features of web-based software but neither will it have the enormous cost and associated risks.