Equifax, Yahoo, Uber. 2017 was the year where no data seemed safe. How secure is your ERP?
There have been improvements in cyber security in recent years, but ERP systems are still highly vulnerable to attacks. In fact, 89% of experts in the field of cybersecurity anticipate increased attacks against ERP systems in the future . Of that number, 33% expect to see a significant increase in attacks. It is easy to see why it is so important for businesses of every size to invest in cybersecurity as part of their ERP.
Why Are ERPs Vulnerable?
Attackers are intent on taking the quickest and easiest route to the most valuable data. They are well aware that ERP systems are likely to have this data and can have multiple weak points of entry. It is not unusual to find companies that have no plan in place to safeguard their confidential data.
There are additional reasons why ERPs are a favorite target of attackers. One is businesses are not aware of their risk because they tend to put off regular cyber security audits. The result is potential problem areas aren’t identified. Thus no security measures are taken to fix the problem and prevent an incident. This is particularly true for cloud-based ERPs that are often accessed by multiple users over different platforms. You should be especially aware if you are using an outdated or legacy ERP. They often simply can’t stand up to new-age security threats.
Don’t Assume Your Small Business is Safe
It is a common misconception that hackers are only interested in attacking ERP systems of large corporations. The truth is that over 70% of cyber attacks are made against businesses that employ less than 100 people . One reason for this is because small businesses often rely solely on the ERP vendor to provide cybersecurity.
SAP vs. Oracle Case Study
SAP and Oracle both invest heavily in cloud technology. However, our client was skeptical about cloud scalability and unsure if the products were mature and proven.
Tips for Investing in Cyber Security as Part of Your ERP
Keep Your Software Up-to-Date
Software updates are usually done to fix any weak spots or bugs the developer has identified. If you are not automatically updating your ERP software, you are increasing your system’s vulnerability.
Promptly Apply Vendor Security Patches
Routinely updating your anti-malware and antivirus software equally important. This will ensure security patches are implemented as soon as they are provided. When patches are not applied, vulnerable areas serve as an entry point for hackers.
Require Encryption When Telecommuting
If you have employees that telecommute, encryption can help protect your data.
Opt for a Private Cloud
Private clouds are a bit more expensive, but they tend to have more stringent safety measures and fewer points of entry for hackers. Plus, private clouds are usually easier to monitor, making it easier to identify and deflect possible attacks.
Finally be certain that your employees know the importance of cybersecurity. If you have not already educated employees on what they can do to mitigate risk, do so immediately. The top two causes of cybersecurity breaches are negligent employees and inadequate passwords .
Require they create strong passwords that are long and use multiple characters. Encourage employees to change their passwords regularly. Employees should never use the same password for multiple accounts.
ERP vendors can provide ongoing maintenance and support but your organization’s best bet for fighting cybercrime is hiring an independent ERP consultant who recognizes the importance of contingency planning and developing a solid IT strategy.