Customer Advisory Group

Think Big - Start Small - Work Smart with CAG

  • Home
  • About
    • Mission
  • Services
    • SAP & CAG Project Rise - ​Resilient Access Governance for the Transition to the Cloud
    • SAP Compliance Assessments and Roadmap Development
    • GRC - Access Control Implementations
    • GRC - Process Control Implementations
    • SAP Security Role Remediation and Re-design
    • GRC & Security Support Services (SmartSourcing)
    • SAP S/4 HANA Upgrade Services
    • Pathlock AVM Implementation Services
  • Testimonials
  • Events and Discounts
  • Contact Us
  • Blog
Let's Talk!

[email protected]

Call Toll Free: +1-888-477-4950
MENU
  • Home
  • About
    • Mission
  • Services
    • SAP & CAG Project Rise - ​Resilient Access Governance for the Transition to the Cloud
    • SAP Compliance Assessments and Roadmap Development
    • GRC - Access Control Implementations
    • GRC - Process Control Implementations
    • SAP Security Role Remediation and Re-design
    • GRC & Security Support Services (SmartSourcing)
    • SAP S/4 HANA Upgrade Services
    • Pathlock AVM Implementation Services
  • Testimonials
  • Events and Discounts
  • Contact Us
  • Blog

Our Blog

Cybersecurity and Enterprise Resource Planning Applications

2/12/2016

0 Comments

 
​Historically Enterprise Resource Planning (ERP) implementations have been secure inside the firewall but interconnectivity and data enrichment needs have evolved the threat matrix.  Security Managers, Auditors and Compliance Managers need to look deeper than classic segregation of duties and Sarbanes Oxley (SOX) requirements when analyzing risk.  The dialogue has recently expanded to include inquiry into how SAP, PeopleSoft, JD Edwards and other ERP software implementations can be folded into an overall Security or Cybersecurity Program.  These large scale ERP software packages are the backbone of corporations, governments and supply chains across the world.  They manage everything from human resources, financials, production creation and delivery, customer maintenance and archival. 

Connectivity to internal ERP software has increased and the network firewalls and perimeter no longer defend the application.   Cloud connectivity and data enrichment through sales, purchasing, human resource management and other applications in the cloud are new avenues for hackers.  Mobile devices accessing core ERP data and the need for portions of the application to be available to the internet have opened new vulnerabilities.  The risk to corporate intellectual property, customer, vendor and employee critical data is high and knowledge of how to protect against threats is low.  Organizations need to understand and respond effectively step ahead of the hackers and protect the business critical data housed in ERP systems.  Education and security are critical in order to reduce risk and train staff to maintain a Cyber Secure ERP implementation.  Application level security is not the hot topic that chasing hackers on the network is, but it's a vital component of an overall Cybersecurity program. 

The next generation of Cybersecurity Leaders will need to take a holistic view of the threat matrix; including network, firewall, server, application, and user level risks into account.  A secure environment starts with strong and enforceable security policies, threat detection and response, patch and upgrade programs, and access management processes.
0 Comments

Your comment will be posted after it is approved.


Leave a Reply.

    RSS Feed

    Picture

    Authors

    Assorted Members of the CAG Team providing insightful information on current topics related to GRC, Security, and Audit.

    Archives

    July 2016
    February 2016
    September 2014
    June 2014
    March 2014
    February 2014
    November 2013
    November 2012
    October 2012
    March 2012

    Categories

    All

Navigation

About Us
Our Mission
Our Services
CAG Blog
CAG Customer Forum

Contact Us

Picture

Customer Advisory Group © 2022  All Rights Reserved