Who should have access to your ERP data?

Data security is an important consideration with ERP systems and other access to the company’s jewels. Too much access can open the risk of losing a competitive advantage. Too little access can hinder one of the key reasons to have ERP: Providing every user with the information they need to make a decision.

ERP systems as deployed from the box often have screens and reports with data access beyond what any one person requires or should even see. Those screens and reports are the same ones sold to a wide variety or ERP customer users so the providers want to present all the data and allow each business to develop their own rules for data access. ERP customizations can be judiciously used to limit data access to what is required.

Just the minimum

One way to ensure that your ERP data is as secure as possible is to give employees to the data they need to do their job, no more, no less.

A sales clerk has the order from a customer and places the order into the ERP. There is no need to see every piece of data for that customer. The clerk only needs to know that the customer’s credit is approved. That one data from the customer record can be shown in the order entry workflow and the rest remains secure.

Recommended reading: find ERPs which meet your requirements for data protection with our completely up-to-date ERP vendor directory.

There is no need to view the entire production schedule and a simple approved delivery date is also part of the work flow. Once the SKU and the requested date are entered, ERP can check availability or component materials and capacity and either approve the requested date or return another suggested date if this is not possible.

The workflow ensures that the customer’s credit is worthy of this new order and that the product placed in that order has an approved delivery date.

Levels of approval

In order for the above strategy to work, companies need to set up different levels of access for different positions. The more senior you are, the more data you will (typically) need to do your job, which means you will need more access to the information stored in your ERP.

An employee requesting an expense reimbursement seems like a simple task. But was the expense approved to be reimbursed under a project budget? Should it be reimbursed at all? Here is another workflow example.

The employee completes an online form with the dates and amounts and justification for the expense. The workflow automatically routes an approval to the employee’s supervisor. The employee has no visibility into the project funding or its budget. The supervisor might have only limited authorization to view the same data. The supervisor can view budget codes approved for the project and can select the correct account to be charged.

If the amount is within the budget and the supervisor’s approval level, the reimbursement can be approved. If not, approval can pass up another level. Regardless of approval, the project manager might need access to the entire project budget and can modify the account to be charged or even refuse to allow the charge against the project. All the individuals can complete their work with access to information they need but only that information.

author image
Tom Miller

About the author…

Tom completed implementations of Epicor, SAP, QAD, and Micro MRP. He works as a logistics and supply chain manager and he always looks for processes to improve. He lives near San Francisco Bay in California and can be found on the water in his kayak or on the road riding his motorcycle. Contact Tom at customerteam@erpfocus.com.

author image
Tom Miller