In principle, every IT system needs to be secure. In practice, some IT systems are less secure than others.
Data and applications dealing directly with financial transactions, customer information or intellectual property tend to benefit from more security attention. Others, buried inside an enterprise, invisible to many yet vital to operations, may not get the same consideration, either from entities using them or vendors selling them. Enterprise resource planning (ERP) systems are an example. However, as vendors now seek to extend functionality adding in modules to facilitate supplier collaboration and CRM to tie customer demand closer to factory schedules, ERP may be among the most exposed systems with the highest impacts in case of failure.
What consequences could the breach of an ERP system breakdown have? Impacts range from production stoppages and sabotaged quality, to theft of customer and payment information. There are also the follow-on consequences for business partners if the ERP system is used as a stepping stone for other attacks to systems connected from the outside. Nonetheless, security continues to take a back seat in many ERP implementations. Vendors are too busy playing catch-up with new functionality. Enterprises using the ERP systems are often obsessed with increasing productivity and profitability, without thinking about safeguarding these items now or into the future.
Given that security is not always built into ERP software, users may have to organise their own protection. System and access logs, firewalls, data encryption and the latest security patches are basic levels of protection, necessary but not sufficient. Users may find that more recent cloud-based systems offer an overall better level of security, although ERP-specific protection may still need to be improved. Managed security services including managed detection and response (MDR) are one possibility. Simple measures such as two-factor authentication (2FA) for accessing an ERP system can also go a long way to prevent unauthorised access stemming from social engineering attacks, a common source of data breaches currently.