Should I pick cloud-first or local-first multi-entity software?

Cloud-first wins when you genuinely need real-time multi-user access. Local-first wins when the data is sensitive identity material (EINs, bank info, registered-agent addresses) and you'd rather not have a vendor in the data path. Most solo or small holding-company operators end up on the local-first side.

What's a red flag in this category?

Software that markets aggressive compliance promises ("never miss a deadline") without specifying where its deadline data comes from, software that can't tell you what encryption it uses, and software that asks you to upload sensitive identifiers but won't commit in writing to where they're stored.

Is one-time pricing or subscription better?

It depends on what's being delivered. Subscriptions make sense when a vendor is operating infrastructure on your behalf. One-time pricing makes sense when the vendor is shipping software you run on your own machine. The mismatch — subscription pricing for software you host — is worth pushing back on.

What to look for in multi-entity record software

The job to be done

Before any feature list, pin down what you're hiring the software to do. Most multi-entity operators we talk to are hiring it for some combination of:

Keeping records per entity in one place that survives more than two years.
Not missing renewals.
Storing sensitive identifiers (EINs, bank info, registered-agent addresses) in something better than plaintext.
Sharing specific records with an accountant or attorney without giving away the whole store.

If the software you're evaluating is great at, say, dashboards and bad at the four points above, the job-to-be-done test has already failed. Don't be wowed by features that don't serve the job.

The non-negotiables

1. Field-level encryption for sensitive identifiers

"Encryption in transit and at rest" is the minimum bar — and it usually just means the vendor's database is encrypted, which doesn't help you if the vendor is breached. The stronger property is per-field encryption: EINs and bank account numbers are encrypted with a key the software derives client-side, and the vendor literally cannot read them.

Vexli does this with AES-256-GCM per-field encryption on top of the SQLCipher AES-256 database, with the keys derived locally on your machine. Look for similar specificity from any vendor in this category. Vague reassurances like "bank-level security" are a red flag.

2. Documents attached to records, not to folders

The whole point of an entity vault is that you can find everything about LLC B from LLC B's record. Software that stores documents in a generic folder tree and asks you to remember the filing convention is solving a different problem.

3. A single deadline view across entities

If the software has a calendar but no way to see "everything due in the next 60 days across all entities," it's a per-entity reminder system pretending to be a multi-entity tool.

4. A clear answer to "where is my data physically stored?"

Acceptable answers: "on your local machine," "in our database in region X with field-level encryption," "in your own cloud account that you control." Unacceptable answers: hand-waving, "secure servers," or anything that depends on how technical the salesperson feels.

5. Export

You should be able to walk away with your data. If a vendor can't show you the export format, you don't actually own the records you typed into their database.

Trade-offs to evaluate consciously

Cloud-first vs local-first

Cloud-first gives you access from anywhere, easier collaboration, and centralized backups handled by the vendor. The cost is that the vendor has your data. A breach of the vendor is a breach of your records.

Local-first gives you full ownership and removes the vendor from the data path. The cost is that backups, device security, and cross-device sync are your problem.

Neither is universally correct. For solo operators with sensitive multi-entity records, local-first usually wins on the threat-model math. For multi-person teams that need simultaneous access, cloud-first usually wins on the collaboration math.

One-time vs subscription pricing

Subscriptions make sense when the vendor is operating infrastructure on your behalf. They make less sense when you're paying recurring fees for software that runs on your machine. Push back on subscription pricing for desktop software unless the vendor is delivering ongoing service that warrants it.

Vexli is one-time $79 because Vexli is software that runs on your machine. We don't operate a vault server for your records, so we don't charge you monthly for one.

Vendor longevity

Smaller, focused vendors usually build better software in narrow categories like this — but they can also disappear. Two questions worth asking: is the data format documented, and can you export to something portable? If yes, the vendor-disappears scenario is annoying but not catastrophic.

Questions worth asking any vendor

Where, physically, does my vault data live?
What encryption is applied at the field level (not just at the database level)?
What happens to my data if I cancel?
Is there an export, and what format is it?
How do you handle deadline data — is it user-entered, or sourced from somewhere?
If you operate a server, what does your incident-response policy look like?
Is this software subject to a subscription, and what specifically does the subscription pay for?

Where Vexli fits

Vexli is opinionated about most of the above. Local-first, encrypted-by-default, one-time pricing, entity-first navigation, single deadline view. Whether that's the right fit depends on your team size, your sensitivity to vendor risk, and your tolerance for managing your own backups.

If the answer is "yes, that's me," the Vexli product page is the next stop. If it's "I want to talk to a real person first," contact us.

What to look for in multi-entity record software.