Mobile ERP Security: Stress, Strains, and Struggles
There are some powerful advantages to mobile ERP. But as you suspect, there are some downsides too, and one in particular is very significant.
Any connection to your ERP system through your firewall is a security risk. But people have been connecting from home or remote offices on desktop machines for a long time. Those risks are somewhat controlled today but they still exist and cannot be ignored. The crucial step in securing mobile ERP systems is to educate users on the security risks, and their responsibilities when accessing mobile ERP.
When the connection is through a smartphone or tablet, the risk is much greater. These devices are susceptible to viruses or other malware just like a desktop computer. The difference? The systems available to protect most mobile devices are much less robust. Those protection systems that need improvement include both the carriers and third party services. You can steal a lot more from a multi-national corporation than you can from a high school kid, and that makes your mobile ERP system vulnerable.
A Question of Self-Discipline
These devices are small and portable. They are also easily and frequently stolen or lost. Is your password allowing access to the ERP system saved in your device? Do you have sensitive data saved in the device memory? These are worth much more than the $500 your device costs. We see in the news regularly where someone misplaced their entire customer list including complete contact information. People have misplaced medical records and government ID lists opening up that list to all kinds of problems. Solution? Handcuff the device to your wrist? Develop powerful log on codes and passwords to use the device?
Are you using mobile ERP at a restaurant or your hotel? Public wi-fi may not be secure. Your password scheme and firewall connections might be state of the art. But if the guy at the next table is capturing your entire session, you could be in big trouble. Should the session be completely encrypted? Should we just use a lot more self discipline?
This is a lot to consider. Trust your CIO and systems team to develop solutions and use those solutions. Pay attention to the security offered by your ERP vendor. Your entire business is captured in your ERP. Take good care of it!
Five quick actions to improve internal ERP security
Give your internal ERP security a boost with these quick, actionable tips
Why mobile ERP security must differ from standard security practices
Threats to mobile ERP security aren't the same as those affecting traditional ERP; this should be...
Ten actions that reduce the risk of ransomware attacks on your ERP
From backups to BYOD policies, these steps can help to reduce the likelihood and impact of ransom...