17 Advanced Technology and ERP Security ERP Demystified

Security Risks • The balance between making data available to users who need it

ERP and TEchnology • • • Internet, WWW, mobile computing, wireless networking, etc. are

Bolt-ons, Middleware and Portals • A bolt-on is an artificially intelligent, comprehensive execution system

Computer Crimes & ERP Security • Computer crime is any crime accomplished through the

Computer Security • Computer security refers to protecting computer systems and the information they

Review Questions 1. Discuss the data security risks of an organization. 2. What are

Slides: 7

Download presentation

Security Risks • The balance between making data available to users who need it and denying it to those who do not have access is not easy to achieve. Some of the security issues are: 1. Are you certain that sensitive information cannot be displayed to unintended users? 2. Can only the right people in your organization perform critical functions? 3. Does your ERP system give your users access to all the relevant information, to make the optimum decisions? 4. Do your e-commerce requirements have a security plan developed? 5. Are you confident that you have appropriate security and control over your data? 6. Will you comply with external and internal audit requirements? 7. Will you eliminate the disclosure of confidential information? 8. How reliable is your network and ERP system? • Managing the security of ERP information into and out of the organization isa very critical and challenging task. ERP Demystified (Second Edition). Copyright 2008, Alexis Leon. All rights reserved.

ERP and TEchnology • • • Internet, WWW, mobile computing, wireless networking, etc. are some of the technologies that expand our ability to do many things. These technology tools have and will continue to affect ERP systems. Earlier ERP products were inherently secure as they were focused internally. The advancements in technology have made it apparent that there are many reasons to prefer open systems. This not only improves communication with suppliers and customers but also allows the use of more advanced technological tools. According to Manetti, ERP is on the verge of another major evolutionary advance with the following major changes occurring soon: 1. Broader use of Web enabled systems to support closer coordination, especially in supply chains 2. Greater artificial intelligence (AI) driven systems supporting more powerful advanced planning 3. Greater ERP presence in mid-range manufacturing, with more stable technology enabling less time and money for installation 4. More flexible, modular systems (the best-of-breed concept) 5. More third-party applications (bolt-ons) to perform specialty applications accessed by middleware ERP Demystified (Second Edition). Copyright 2008, Alexis Leon. All rights reserved.

Bolt-ons, Middleware and Portals • A bolt-on is an artificially intelligent, comprehensive execution system providing very specific functionality or technology to complement ERP software. • Bolt-ons employ client-specific business rules to meet unique needs. There are many useful applications of this type. The usual means of connection to other organizations with ERP systems is through software components. Middleware is an enabling engine to tie applications together. It can be divided into data-oriented products (supporting ERP integration through sharing data sources) and messaging-oriented vendors (supporting direct data sharing between programs without the need for data files or database). Middleware transforms data into standard formats readable by source and host systems. When Web systems are used, the term Web portal applies to software providing userfriendly access to data. Portals provide user-friendly access to data. Portals enable ERP vendors to maintain a presence in a dynamic market. Portals provide value to supply chain environments, feeding data across the entire supply chain and tapping into the power of an ERP system. While opening ERP systems provides a competitive advantage, it also introduces concerns about security. • • ERP Demystified (Second Edition). Copyright 2008, Alexis Leon. All rights reserved.

Computer Crimes & ERP Security • Computer crime is any crime accomplished through the knowledge or use of computer technology. • Both businesses and governmental agencies lose huge amounts of money every year to computer criminals. Organized crime syndicates are turning to computer technology to practice their trade with more efficiency! The explosive growth of the Internet is changing the demographics of computer crime. There are many types of computer crimes ranging from pirating software and stealing information, to sabotaging systems. There are many threats to the security of information found on ERP systems. Threats across all three forms of access include theft, damage, copying, unauthorized access to information, natural disasters or accidents, sabotage, etc. The most common forms of security threats to ERP are those made possible because of computer technology, including invasive electronic entry through some form of tapping or hacking. The ability to maintain ERP security in a Web environment is mandatory for all ERP systems and all vendors are responding to the demand for providing products that are secure. • • • ERP Demystified (Second Edition). Copyright 2008, Alexis Leon. All rights reserved.

Computer Security • Computer security refers to protecting computer systems and the information they contain against unwanted access, damage, modification or destruction. • Computer owners and administrators use a variety of security techniques to protect their systems ranging from everyday low-tech locks to high-tech software scrambling. Some of them are: 1. Physical Access Restrictions - One way to reduce the risk of security breaches is to make sure that only authorized personnel have access to computer equipment. 2. Passwords - Passwords are the most common tool for restricting access to computer systems. 3. Firewalls - Many organizations use firewalls to keep their internal networks secure while allowing communication with the rest of the Internet. The firewalls guard against unauthorized access to an internal network. 4. Encryption - To protect transmitted information many organizations use encryption software to scramble their transmissions. 5. Security Audits - Audit control software is used to monitor and record computer transactions as they happen, so auditors can trace and identify suspicious computer activity. 6. Backups - Data and software backed up automatically onto disks or tapes from where it can be recovered in cases of a disaster. For maximum security, many computer users keep copies of sensitive data in several different locations. ERP Demystified (Second Edition). Copyright 2008, Alexis Leon. All rights reserved.

Review Questions 1. Discuss the data security risks of an organization. 2. What are the technological advancements in the field of data security? 3. Discuss how the advancements in security features affect the functioning of the organizations. 4. What is the connection of ERP and data security? Discuss with examples. 5. What do you mean by bolt-ons? 6. What do you mean by middleware? 7. Discuss computer crimes. 8. What are the different types of computer crimes? 9. Discuss the importance of security for ERP systems. 10. What do you mean by computer security? 11. Explain computer crimes and computer security. 12. Discuss the various measures used to prevent computer crimes. ERP Demystified (Second Edition). Copyright 2008, Alexis Leon. All rights reserved.