3 ERP Security Risks and What You Should Do about Them
ERP systems keep expanding to include more features and better functionality. But the need to maintain ERP security is still the same – it might be more difficult today though.
ERP means one, single system for the whole enterprise. Security is part keeping it running all day, every day, for everyone and part keeping everyone outside who has no business on the inside.
We have more and more mobile users in our systems today. These include dedicated mobile devices like scanners and printers. At the same time we want to connect with our smart phones and tablets from anywhere. This increase in devices adds a layer of complexity to ERP security access that was device-independent once upon a time.
More Delivery Platforms
ERP in the cloud is increasingly common today. The entire system including the software and all the data is kept somewhere else and maintained by a third party provider. These ERP systems work well and there are few problems but some fear the risk involved in trusting another business with the family jewels. We can also keep our software but use cloud storage for our data for a position somewhere in between. With the rise of cloud ERP, not only is ERP security place in the hands of an outside body, but further complexity is added to our security processes by the diversification of delivery platforms.
More Sensitive Data
HR is more frequently a component of today’s ERP. For the business, the risk is the same as any other data. But for our employees there is heightened concern over having our identification, home address, and a lot of family information. Modern employees may feel they have no control over this data and its security once integrated into your ERP system.
So what can we do to improve ERP security? This really has not changed but the need to be vigilant is as important as ever.
- Change passwords frequently – Minimize the time a stolen password can be used
- Limit the data any one person can access – Only what they need for their jobs
- Log everything – you never know until today what you wish you captured yesterday
- Maintain a firewall – Your first line of defense
- Encrypt your data – it might not stop a pro but it will slow them down and stop others
- Secure against fraud – You have internal threats too
- Track use of social networks – Plenty of phishers out there
- Control external storage by employees – Can someone take your customer list on a thumb drive?
- Watch traffic through customer and supplier portals – clearly define security parameters on a case-by-case basis.
Featured white papers
Five quick actions to improve internal ERP security
Give your internal ERP security a boost with these quick, actionable tips
ERP and serverless architecture: getting ahead of the curve
What serverless architecture is, and how ERP could adapt to it
What does the future hold for ERP and blockchain?
What blockchain is, and how it could affect the development of future ERP applications