Wall Street & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


03:01 PM
Connect Directly

The Frontline Value of ERP security

The critical nature of the business process systems means that when it comes to safeguarding, ERP often merits a bit more care.

A specialist system that secures enterprise resource planning (ERP) systems from cyber attack doesn’t just aim to provide bulletproof protection and peace of mind for business owners. It also makes life much simpler and reassuring for IT professionals.

Large organizations heavily rely on ERP systems and its applications to automate and improve functions across the organization, from human resources to product development and sales.

Implementing security measures to detect and mitigate vulnerabilities in ERP systems that would otherwise expose sensitive business information to malicious intruders eventually should be a no-brainer in the boardroom. That’s because these precautions enable IT departments to automatically enforce external and internal compliance requirements, protect against the very latest insider threats and external hacks, drastically reduce audit costs, and enhance the security awareness and skills of all IT staff.

Left unchecked, the same ERP applications that reduced data complexity for business owners might easily present a comprehensive picture of business performance to malicious external or internal threats.

Without specialized ERP security in place, IT teams face a constant battle to proactively maintain defenses in the face of evolving threats. Implications for business productivity and reputation include data compromise, financial losses, and regulatory censure. Despite leading ERP developers like SAP and Oracle working hard to build security functions into their app suites, no system truly arrives "secure out-of-the-box." On the frontline then, it is the IT departments that must learn vendor security best-practices, partner with certified systems integrators, and then help to convince and train end-users to buy in to fresh security practices. ERP deployment is very complex and highly individual to each business -- which is why it is time for security managers to accept some specialist help.
The raw truth is that it can sometimes be hard to see the detailed fissures of the coalface from way up in the boardroom. Few business owners are aware of the security issues surrounding ERP until they have been presented with the data risks by an IT professional and heard how they rapidly translate into business risk. The nuts and bolts of data security in isolation are unlikely to convince business owners of investment, but they will soon come to understand and face the reality that their financial systems, supply chain visibility, HR resources, and entire business reputation could already be under barrage.
Holistic ERP protection demands a fundamental understanding of changing business practices amid an evolving landscape of potential threats -- and it also requires both technical and business professionals understand what is really at stake. Savvy security managers must push remorselessly for professional consulting services, new training and specialist ERP security software to proactively deal with this unacceptable business exposure. As is often the way, although IT investment must be sanctioned from the top, the action generally needs to be kick-started by the IT pros in the basement. Only once the IT department makes the whole business risk-aware will innovative security measures designed specifically to protect ERP systems be acquired and deployed.
Sadly it is also a fact that when an IT professional does detect fresh security vulnerabilities in their ERP, it is highly likely that they’re not the only person to do so, and those other parties are far more likely to have malicious intent in mind. That is why it is absolutely vital to heed security warnings from the frontline -- and protect ERP, ASAP.

Juan Pablo leads the research & development teams that keeps Onapsis on the cutting-edge of the business-critical application security market. He is responsible for the design, research and development of Onapsis' innovative software solutions, and helps manage the ... View Full Bio
More Commentary
A Wild Ride Comes to an End
Covering the financial services technology space for the past 15 years has been a thrilling ride with many ups as downs.
The End of an Era: Farewell to an Icon
After more than two decades of writing for Wall Street & Technology, I am leaving the media brand. It's time to reflect on our mutual history and the road ahead.
Beyond Bitcoin: Why Counterparty Has Won Support From Overstock's Chairman
The combined excitement over the currency and the Blockchain has kept the market capitalization above $4 billion for more than a year. This has attracted both imitators and innovators.
Asset Managers Set Sights on Defragmenting Back-Office Data
Defragmenting back-office data and technology will be a top focus for asset managers in 2015.
4 Mobile Security Predictions for 2015
As we look ahead, mobility is the perfect breeding ground for attacks in 2015.
Register for Wall Street & Technology Newsletters