ERP Insights >> Magazine  >> March - 2018 issue

Avoiding Cyber-Security Threats through Timely Up-Gradation of ERP Systems

Author : Suryanarayan Kasichainula, EVP & Business Head (ERP), 3i Infotech
Thursday, March 8, 2018

Suryanarayan Kasichainula, EVP & Business Head (ERP), 3i Infotech

Cyber security threats and the ever evolving threat landscape is increasingly becoming a bugbear for most of the enterprises in India, whether they are government or private organisations. The Indian Computer Emergency Response Team (CERT-In) stated that until June 2017 alone, India witnessed more than 27,000 cyber security threats, which is alarming and raises many concerns.

While the attacks are far more complicated and nuanced now than ever before, and require constant intervention with the latest technologies, many of the enterprises do not have adequate cyber security checks and measures in place.

With the security of the cloud, IoT and big data all taking centre stage, one of the often overlooked vector from an organisation's security standpoint would be protection of their ERP (Enterprise Resource Planning) systems, despite it presenting significant vulnerabilities. ERP systems work with large volumes of vital company, client and employee data. Even a minor security setback in ERP systems can disrupt the fine balance between processes and expose sensitive data to malware and ransomware attacks. Latest cloud-enabled ERP systems handle data from multiple devices and are accessed by multiple users across multiple platforms.

This increases the vulnerability of the system and its processes. Clearly, security should be a priority for ERP ecosystems considering recent cyber-attacks such as WannaCry, Petya that have disrupted organisations globally.

In a recent ERP Cybersecurity survey 2017 of more than 1,900 cybersecurity experts, nearly 89 percent of them expect to see a surge in attacks on ERP systems. 33 percent opine that "significant increase" in attacks and a majority of respondents said they are largely unaware that upgrading the ERP software can help avoid major security issues.

The situation might seem alarming but its solution is fairly simple. Timely upgrades to your legacy or recent ERP systems can enhance your system's credibility and efficiency.

Benefits of timely upgradation of ERP software -

- Outdated ERP software has incompatibility issues: Outdated software won't support new features. Technical support and desktop troubleshooting options are also limited for redundant ERP applications. Incompatible software is bound to crash and cause irrevocable financial loss to the enterprise. In the rapidly-evolving ERP world, the need of the hour is to update software to the latest version and benefit from latest features and services and ample back-end support.

- Legacy ERP software is prone to vulnerabilities: Just as ERP developers are constantly looking for better ERP functionalities, software hackers are devising innovative means to intercept sensitive systems. If your ERP system houses confidential data on sales, accounting, finance or personal data of employees and customers, its security should be watertight. Legacy ERP systems are not competent enough to counter new-age security threats. The recent credit card theft in the US done by hijacking the Point of Sale (PoS) device powered by a weak ERP system is a classic example of how vulnerable outdated ERP systems are. A timely upgrade by a secure ERP system helps avoid data breach.

We are aware of the importance of security for ERP and our offering which is a cloud-enabled ERP system, has been designed using industry best practices and encompasses end-to-end security management and maintenance features to ensure highest standards of security and safety. What enterprises need to ensure is to protect their confidential data using multi-layered security parameters, which is almost impossible to intrude or breech.

With the threat landscape getting more and more complex, it should be a top priority for CTOs and CIOs to remain vigilant and educate themselves on ERP security, to ensure their organisation remain operational during a cyber-attack.

Facebook