Five quick actions to improve internal ERP security

Like a lot of companies, you pushed so hard to get your ERP implemented and working that you let security take a back seat. Here are some quick things to do right now to improve ERP security.

1. Make users change their passwords frequently

This is almost too easy. Look at your ERP system users. Now force them all to change their passwords. Instantly your system security got a little better. Find the setting that automatically expires passwords at set intervals. Decide what makes sense at your business and after 90 days, everyone will need to reset their password.

2. Keep on top of user access settings

Every user should only have the transaction screens needed to accomplish their jobs. Most users can have access to read-only dashboards and reports. No one should have access to tables that are not needed for their work. Look over your users now and see if anyone has too much access. If they were missing some access, you would have heard that story already.


Segregation of duties was a basic security measure well before ERP systems were invented. The person who writes a purchase order should not be the one who writes a check to pay for that purchase. Look over ERP user access with this in mind and you might find some duties that need to be segregated.

3. Monitor ERP usage for irregular patterns

There is a setting in your ERP to turn on transaction logging and to log changes in static data. Use this setting. Capture everyone’s work electronically.  Now develop some queries to run in the background that watch for suspicious behavior. When something odd appears, dig a little deeper.  

Observe the user and assess whether the behavior is legitimate or fraudulent. At first, you will capture transactions that really are legitimate. Now update your query based on your new learning and continue watching and protecting the security of your ERP system.
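The monitoring query described above, combined with the purchase-order/payment rule from section 2, as an added example that is not part of the original article or any ERP vendor's code. The table names, column names, action codes and log rows are constructed assumptions; a real ERP log will have its own schema.

```python
import sqlite3

# Constructed sample of an ERP transaction log. Table, column and action
# names are assumptions for illustration, not any vendor's schema.
SAMPLE_LOG = [
    # (txn_id, user_id, action, po_number, logged_at)
    (1, "asmith", "PO_CREATE",  "PO-1001", "2024-03-04 09:12"),
    (2, "bjones", "PO_APPROVE", "PO-1001", "2024-03-04 10:40"),
    (3, "cwu",    "PAYMENT",    "PO-1001", "2024-03-18 14:05"),
    (4, "dlee",   "PO_CREATE",  "PO-1002", "2024-03-05 11:30"),
    (5, "dlee",   "PAYMENT",    "PO-1002", "2024-03-05 23:47"),
    (6, "asmith", "PO_CREATE",  "PO-1003", "2024-03-06 08:55"),
]

# Flag purchase orders where the same user both created the PO and paid it,
# skipping POs that an investigator has already reviewed and cleared.
SOD_QUERY = """
SELECT c.po_number, c.user_id, c.logged_at AS created_at, p.logged_at AS paid_at
FROM txn_log AS c
JOIN txn_log AS p
  ON p.po_number = c.po_number AND p.user_id = c.user_id
WHERE c.action = 'PO_CREATE' AND p.action = 'PAYMENT'
  AND c.po_number NOT IN (SELECT po_number FROM reviewed_ok)
ORDER BY c.po_number
"""

def load_log(rows):
    """Load log rows into an in-memory database standing in for the ERP log."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE txn_log (txn_id INTEGER PRIMARY KEY, "
                 "user_id TEXT, action TEXT, po_number TEXT, logged_at TEXT)")
    conn.execute("CREATE TABLE reviewed_ok (po_number TEXT PRIMARY KEY)")
    conn.executemany("INSERT INTO txn_log VALUES (?, ?, ?, ?, ?)", rows)
    return conn

def mark_reviewed(conn, po_number):
    """Record that a flagged PO was investigated and found legitimate."""
    conn.execute("INSERT OR IGNORE INTO reviewed_ok VALUES (?)", (po_number,))

def find_sod_violations(conn):
    """Return (po_number, user_id, created_at, paid_at) for each open flag."""
    return conn.execute(SOD_QUERY).fetchall()

if __name__ == "__main__":
    conn = load_log(SAMPLE_LOG)
    for po, user, created, paid in find_sod_violations(conn):
        print(f"{po}: {user} created ({created}) and paid ({paid})")
```

The `reviewed_ok` table is the tuning step: once a flagged transaction has been checked and found legitimate, recording it keeps the query from raising the same item again.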

4. Keep track of when sensitive data is distributed

Email is a common way for unauthorized data to leave your company. Did someone just send out your entire customer list? It might have been for an authorized reason, but good security requires that you at least clarify when this happened, and why.

Pay attention now or your best customer could begin buying from your competitor. Find a way to spot other suspicious data movement too. That list could also have left on a thumb drive.

5. Have a plan and follow it

What security measures should you adopt to protect your ERP?  Write them down and get a broad consensus to ensure your security system is complete. Agree to some basic processes. Stick to them - though don't be afraid to suggest a change if they aren't adequate.

Some security measures cost money and take effort to implement. Some others are quick actions you can take right away. Once you develop your plan, follow it and keep your ERP secure.

Tom Miller

About the author…

Tom completed implementations of Epicor, SAP, QAD, and Micro MRP. He works as a logistics and supply chain manager and he always looks for processes to improve. He lives near San Francisco Bay in California and can be found on the water in his kayak or on the road riding his motorcycle. Contact Tom at
