Security should be a number one priority for Enterprise Resource Planning (ERP) ecosystems. Because ERP solutions act as a backbone to your business or organization, it’s crucial that the data and/or information kept in the system remains safe and untouched by hackers.
In May of this year, organizations across the globe were hit by a malicious ransomware attack that left over 230,000 systems in a state of chaos, with system hackers demanding ransom for systems to be returned to normal.
Sadly, the ‘WannaCry’ attack is not a standalone incident and the media is constantly burdened with stories of businesses that have been hacked or fallen victim to cybercrime. As these kind of attacks become more frequent, CTO’s and CIO’s continue to examine their current systems and prioritize security concerns.
With security the cloud, Internet of Things (IoT, and big data bring, an organization’s ERP system is often overlooked despite presenting significant vulnerabilities.
A recent study by US firm, ERPScan, found that 89 percent of those asked expect to see cyber attacks against ERP systems increase with the average cost of a breach costing $5 million. Within the same study, 44 percent of respondents said they monitored their system’s security, but only 14 percent said they never analyze the security of their ERP systems.
As more connected devices are getting clearance and access to particular ERP systems and exposing potential weakness to be exploited, now is the time for ERP security to be analyzed and but as a number one priority.
Lack of Awareness
Nick Ismail, reporter for Information Age with special interest in smart technologies and cyber security, argues that one reason for a lack of awareness around ERP security is perhaps organizations’ over-reliance on ERP vendors to provide security patches. However, with current vendor security, patches are only received monthly (or quarterly) and on average, most customers don’t apply them for three to six months later. This leaves customers vulnerable to threats for significant periods of time.
Ismail suggests organizations should apply a more proactive solution and monitor the endpoint of the servers and databases in question, and observe the network traffic and signatures to identify malicious threats immediately to provide protection.
“The virtual patching approach provided by third-party ERP support providers enables organizations to apply fixes in almost real time as vulnerabilities arise, not weeks or even months down the line,” Ismail adds.
Maintaining a secure ERP ecosystem is essential if you want to see your business continue to grow (or to continue at all). With an increasing amount of important data stored in various databases and organizations reliant on ERP software, it has never been more important for CIO’s and CTO’s to remain observant and educate themselves on ERP security to ensure their organization remains operational during a cyber attack.
Looking for more information about ERP systems? Download our free buyers guide, where you can find the top ERP software vendors, snippets about their highest ranking ERP solutions and products, plus the top 10 questions and tips to ask yourself and software vendor before purchasing!