5 Reasons Your ERP Security Strategy is Failing

Your User Passwords Last Forever

This is a pretty common problem. You trust all the employees; after all, you vetted all of them thoroughly and work with them every day. Employee turnover may be frequent and often you will remember to stop their no longer needed access. But everyone gets hacked from time to time and your users can be victimized in a multitude of ways if passwords are not changed frequently. Less obvious are your external users. You granted a password to your best customer so they could check on order status. Have you vetted all of their employees? That could be a problem and allowing their password to stay active forever only compounds the potential ERP security risk.

You Have Enabled Applications That Are Unnecessary

Many of these applications are useful time savers. These days, a lot of applications automatically load into start menus to better serve you by staying up to date. Do you know what you accidentally authorized by not unchecking every box? Probably not. Any of your users could have installed malware that could remain unnoticed and dormant. Running checks regularly on every computer is essential, even for the most basic of ERP security processes.

You Need to Be More Aware of Mobile Users

Your users want to access your ERP from their tablets and smart phones. It’s all in the name of serving their needs better and you have allowed access to all of them. These mobile devices are everywhere and many of us have allowed users to bring their own device. OK, but each device enables a user with a relatively insecure device to connect within your ERP. You haven’t had any ERP security issues yet – but they are coming soon, when you are least expecting it. Install security software on the devices before allowing access.

You Trust Your Users

Your ERP data is your whole business – it is valuable. And your users can extract data to a thumb drive or send it by email anywhere. Develop an ERP data security audit system to track who used what data and what they did with it. Be sure the audit system has alarms to let you know when something suspicious is happening and not after the damage is already done.

You Just Don’t Realize How Open Your ERP Is to the Web

You don’t have a cloud ERP system so why worry? All modern ERPs use internet connections between users and the system. All allow access from outside. Install firewalls, use the best virus software and keep it current.

Just a small sample of risks to your system and the ERP security strategies to counter these risks. Stay alert and be safe.

author image
Tom Miller

About the author…

Tom completed implementations of Epicor, SAP, QAD, and Micro MRP. He works as a logistics and supply chain manager and he always looks for processes to improve. He lives near San Francisco Bay in California and can be found on the water in his kayak or on the road riding his motorcycle. Contact Tom at customerteam@erpfocus.com.

author image
Tom Miller

Featured white papers

Related articles