|
Index
Main Contents:
Welcome
Introducing hontreasurer.com
Online Manual
How
Do I?
HELP! I'm
Stuck!
TUTORIAL
The
Forum
TO DO List
Introduction Contents:
hontreasurer.com Accounts
Introduction
What can I do with Money in hontreasurer.com?
What can I do with Contacts in
hontreasurer.com?
Getting Started
First Steps
Some other useful information:
Legal
Design
The hontreasurer.com Model
The hontreasurer.com Model(2)
Security
Submit Your Comments/Ideas
|
A Few Words on Security
|
|
Can in
lose my data?
|
Your data is held on a
secure server on two sites, one in the USA and one in the UK. The UK
site is copied every day from the USA site and so the likelyhood of
losing any data is very small indeed. However, you may wish to keep
lists of transactions on your own computer and this can be done by
using "Print Table" on the Transaction Panel and "exporting" the data
to a file on your own computer.
|
What
about those questions when I download?
|
Examples of the questions
you are asked are, for Internet Explorer here,
and for Mozilla-type browsers here.
Loading programs onto your
computer is inherently risky. Even programs you buy in a shop can be
infected with viruses, spyware or other dangerous code. When browsers
download hontreasurer.com they ask the question, "Do you trust programs from
this Author?" or similar. Our programs are digitally signed with a
certificate which you can view. Noone can tamper with the software and
still produce the same cerificate it had when it was shipped from
us. We publish the certificate for each release here and it is up
to you to check them. The bit to check is the signature. Someone
can forge the name, department etc, but not the signature which
tells you that the program is the same as when we signed it with
our password. N.B. we could pay USD500 to VeriSign or similar but this
doesn't really add to the security. You still need to make the check -
so if you are worried, please make it.
For the record, hontreasurer.com needs the extra permissions for the following
facilities:
For sending email
|
SACS will open a
"socket" to your STMP server. Sorry about the jargon but there is no
easy way of saying that!
|
For Reports
|
SACS will use
temporary files for making the report, but if you want to print or save
the report, hontreasurer.com will need access to your hard drive.
|
For Copy, Cut and
Paste
|
If you want to Copy
material out of SACS, it needs permission to overwrite anything which
may presently be on your clipboard.
|
If you don't need these facilities, use the "paranoid" version
which you will find a link to in section 2 of your organisation page.
|
Can
anyone else get at my data?
|
This question is better
rephrased as "how much effort does someone have to make to get at my
data" because, if they try hard enough, they can always get it, if only
by breaking in to your house and stealing your computer or, more
likely, laptop. (For this reason, never allow your computer to
keep you passwords for you.) As long as you keep your password secure,
someone would have to go to great lengths to get at your data. All data
in your database is coded. First, they would have to set up an
intercept between your computer and our servers. Next, they would have
to guess, or trial & error, which of the streams of numbers data
going back and forth are the username & password. Then they would
have to "crack" the password which is encoded by a commercial
algorithm. Even if they are the security services, this could take
months. Then they have to figure out which codes mean what and
reconstruct the database tables. It would be very timeconsuming - but
not completely impossible.
The other small risk is that someone steals computers or access to the
server sites. For this reason, we do not advertise where the servers
are.
In short, you are far more likely to give away unauthorised access
through a mistake than through conspiracy.
|
|
|
|