Cloud Based ERP vs Cloud Security

By BAASS Consultant | Oct 3, 2014 12:00:00 AM
 

Looking at Cloud Based ERP, you may be wondering if it is right for you. So let's see if we can clarify some things for you. The implementation of a cloud based ERP has become a means to increase a businesses growth in revenue, and reduce operating costs. This allows the ability to gain greater control over all of the aspects or functional modules of their operations. However, in terms of security there are concerns that may cause some to steer away from using an ERP based solely in the cloud. The following areas are in question when it comes to security.

  • Physical Location
  • Data Transmission
  • Access/Perimeter
  • Storage 

It is understandable that having a cloud ERP means having the same security measures in place as found with an on-premise ERP system. Looking at possible security breaches with an on-premise ERP, we must consider that people or persons will intend to, maliciously, attempt to undermine the integrity of the system. This type of intrusion could be for embezzlement, disrupted service, or other type’s data manipulation. This can happen only if they have access to the location and to the software i.e. a workstation within the confines of the corporation.

In a scenario where the use of a cloud ERP is in place, the physical location is off campus, and possibly in another part of town. Additionally, the types of security measures to the location come in the form of retina scans, fingerprint ID badges, security cameras and other access limiting measures. Furthermore, all administrators work for the cloud provider or the software vendor. This means that no representatives from the company that purchased the software will ever be present.

The concern for privacy during data transmission between the server, database, and the user is remedied by encrypting this data between the destination and the source. The best encryption is with a secure socket layer, (SSL), algorithm. We find this security measure utilized with all web browsers and is the standard for the healthcare, and banking industries for example.

In the case of perimeter security where keeping intrusion attempts from outsiders is mandated a firewall is implemented. This works for both ERP’s, on-premise, and cloud based. Specifically, when there are multiple users for the cloud service. Firewalls are put in place for all utilizing the same service as a countermeasure to ensure security between customers.

All ERP data are considered proprietary and therefore it is imperative to protect this data from unauthorized access. This is accomplished via encryption. Although the database is administered by a non-employee of a given client, the cloud service provides a means to encrypt specific data stored within the database from unauthorized personnel. These same measures may apply to securing data to specific users within the customer’s user groups. This is done normally, through business logic or using a database layer system. Once an individual retains access, the business logic controls what the individual can see. In the case of multiple customers, the database layer system separates the data between the companies.

Having full-featured software that offers a solution with online access to CRM data is pertinent to any accounting software. Additionally, ownership and control in a secure environment is essential as well. You can also read more in our blog post series part 1 and part 2. To talk more about this, or anything else, please Contact Us.

Read More >