called as patch management. One of the biggest ERP threats today is inactive security patches. ERP systems are not often upto-date. Many businesses have an inadequate process for monitoring these updates and putting them into place. IT security teams have their own patch management programs. These programs usually exclude ERP systems. According to security perspective, poor patch management can be costly.
Poor ERP Security Delegation
Defining the handling of ERP security is one of the biggest security challenges in the current year. The consequence is that many preventive measures fall through the cracks. SoD and user management are two terms which are mostly focused by security teams inside ERP-specific departments. IT security teams mainly focus on the OS and networking layer rather than ERP application itself. Today, the key challenge for ERP security is the grey area between those teams. Defining the same, it is critical in closing the gap between them.
The information security teams are not fully aware of the importance of ERP security in a holistic way. This not only includes a lack of awareness about basic security practices but also more modern best practices such as scanning for security vulnerabilities, continuous monitoring, and proper cloud security.
ERP provides with a clear view of opportunities, to serve better to new and existing customers in an ever challenging market. Modern ERP is flexible but one should look forward to the security challenges to increase a business. Therefore, refined attacks are only a small part of the problem when it comes to ERP security. The bigger challenge is organizational. ERP eventually is perching at the root of a business. Today, many of the top ERP security challenges actually come from action not taken by the firms using these systems.
24 August 2017