The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, released the findings from the first research survey on “Enterprise Resource Planning (ERP) Applications and Cloud Adoption.” The study offers greater insight into cloud preparation and migration, the features and benefits gained, and the security and privacy challenges for ERP systems in a cloud environment.
The study, which was sponsored by Onapsis, a leader in business-critical application security, surveyed 199 managers, C-level executives, and staff from enterprises in the Americas (49%), APAC (26%) and EMEA (25%).
“The cloud computing ecosystem is maturing rapidly and business-critical applications, such as ERP solutions, are being moved to cloud environments. With this shift, organizations are starting to explore the question of whether a cloud environment might alleviate traditional challenges that business-critical applications normally face,” said John Yeoh, Director of Research, Americas for the Cloud Security Alliance. “As moving to the cloud raises its own security and privacy challenges, we wanted to provide some benchmarks regarding the myriad issues surrounding cloud migration and security.”
According to the survey, 69 percent of organizations are migrating data for popular ERP applications to the cloud, moving to major cloud infrastructure-as-a-service providers, with the overwhelming majority, almost 90 percent, stating that these applications are business-critical.
In line with the top three migration concerns – moving sensitive data followed by security and compliance – the research finds that attackers are evolving, too. Over half of the survey respondents stated that they expect security incidents in the cloud to increase in the next year.
Yet, when it comes to accountability, there are troubling misconceptions: While 60 percent of survey respondents claim that they feel the cloud service provider is responsible for a breach, 77 percent believe that it is the responsibility of the organization itself actually to secure their ERP applications. Third-parties are held least accountable and responsible. This perception gap shows that organizations need to take more ownership of their business-critical applications while migrating them to the cloud.
“In any cloud migration, regardless of the provider, security must be implemented from the start and implemented in phases throughout the project. Organizations are concerned about moving sensitive data across environments, then addressing the security and compliance implications that come of that migration. Our studies have found that implementing security in each phase of the migration could save customers over five times of their implementation costs,” stated Juan Pablo Perez-Etchegoyen, CTO of Onapsis and Chair of the CSA ERP Security Working Group.
Read the full results of “ERP Applications and Cloud Adoption” and check out Perez-Etchegoyen’s Best Steps for a Safe Shift of ERP Applications to the Cloud.
Looking for more? Download our ERP buyers guide for free and compare the top-24 products available on the market with full page vendor profiles. The guide includes four key capabilities to look for in an ERP solution, plus five questions to ask yourself and five questions to ask the software provider before purchasing. It’s the perfect resource for anyone looking to find right ERP for their business/organization.
Latest posts by Elizabeth Quirk (see all)
- Looking at Cloud ERP Within SMBs - February 15, 2019
- Research Finds More Than Two Thirds of Manufacturers and Distributors Rate Successful ERP Implementations - February 13, 2019
- 5 Best Practices for Selecting ERP Software - February 12, 2019