5 Reasons Your ERP Security Strategy is Failing
Your User Passwords Last Forever
This is a pretty common problem. You trust all the employees; after all, you vetted all of them thoroughly and work with them every day. Employee turnover may be frequent and often you will remember to stop their no longer needed access. But everyone gets hacked from time to time and your users can be victimized in a multitude of ways if passwords are not changed frequently. Less obvious are your external users. You granted a password to your best customer so they could check on order status. Have you vetted all of their employees? That could be a problem and allowing their password to stay active forever only compounds the potential ERP security risk.
You Have Enabled Applications That Are Unnecessary
Many of these applications are useful time savers. These days, a lot of applications automatically load into start menus to better serve you by staying up to date. Do you know what you accidentally authorized by not unchecking every box? Probably not. Any of your users could have installed malware that could remain unnoticed and dormant. Running checks regularly on every computer is essential, even for the most basic of ERP security processes.
You Need to Be More Aware of Mobile Users
Your users want to access your ERP from their tablets and smart phones. It’s all in the name of serving their needs better and you have allowed access to all of them. These mobile devices are everywhere and many of us have allowed users to bring their own device. OK, but each device enables a user with a relatively insecure device to connect within your ERP. You haven’t had any ERP security issues yet – but they are coming soon, when you are least expecting it. Install security software on the devices before allowing access.
You Trust Your Users
Your ERP data is your whole business – it is valuable. And your users can extract data to a thumb drive or send it by email anywhere. Develop an ERP data security audit system to track who used what data and what they did with it. Be sure the audit system has alarms to let you know when something suspicious is happening and not after the damage is already done.
You Just Don’t Realize How Open Your ERP Is to the Web
You don’t have a cloud ERP system so why worry? All modern ERPs use internet connections between users and the system. All allow access from outside. Install firewalls, use the best virus software and keep it current.
Just a small sample of risks to your system and the ERP security strategies to counter these risks. Stay alert and be safe.
Featured white papers
Five quick actions to improve internal ERP security
Give your internal ERP security a boost with these quick, actionable tips
ERP and serverless architecture: getting ahead of the curve
What serverless architecture is, and how ERP could adapt to it
Why mobile ERP security must differ from standard security practices
Threats to mobile ERP security aren't the same as those affecting traditional ERP; this should be...