Mobile ERP Security: Stress, Strains, and Struggles
There are some powerful advantages to mobile ERP. But as you suspect, there are some downsides too, and one in particular is very significant.
Any connection to your ERP system through your firewall is a security risk. But people have been connecting from home or remote offices on desktop machines for a long time. Those risks are somewhat controlled today but they still exist and cannot be ignored. The crucial step in securing mobile ERP systems is to educate users on the security risks, and their responsibilities when accessing mobile ERP.
When the connection is through a smartphone or tablet, the risk is much greater. These devices are susceptible to viruses or other malware just like a desktop computer. The difference? The systems available to protect most mobile devices are much less robust. Those protection systems that need improvement include both the carriers and third party services. You can steal a lot more from a multi-national corporation than you can from a high school kid, and that makes your mobile ERP system vulnerable.
A Question of Self-Discipline
These devices are small and portable. They are also easily and frequently stolen or lost. Is your password allowing access to the ERP system saved in your device? Do you have sensitive data saved in the device memory? These are worth much more than the $500 your device costs. We see in the news regularly where someone misplaced their entire customer list including complete contact information. People have misplaced medical records and government ID lists opening up that list to all kinds of problems. Solution? Handcuff the device to your wrist? Develop powerful log on codes and passwords to use the device?
Are you using mobile ERP at a restaurant or your hotel? Public wi-fi may not be secure. Your password scheme and firewall connections might be state of the art. But if the guy at the next table is capturing your entire session, you could be in big trouble. Should the session be completely encrypted? Should we just use a lot more self discipline?
This is a lot to consider. Trust your CIO and systems team to develop solutions and use those solutions. Pay attention to the security offered by your ERP vendor. Your entire business is captured in your ERP. Take good care of it!
Is BYOD a bad idea for ERP security?
A comprehensive look at the ERP security risks presented by BYOD policies
Four ERP security issues faced by public sector companies
Public sector ERP brings a unique set of security challenges - here’s what to look out for
How to implement a mobile ERP with minimum disruption
Tips to make your mobile ERP implementation as smooth as possible