Navigating ERP security challenges with the cloud

Cloud use rising bringing both benefits and concerns

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Applications, systems, anddatahave become easier to relocate into thecloud. Rising cloud deployment rates are bringing with them a plethora of benefits – from decreased administrative challenges and reduced capital expenditure, to a shift insecurityburdens. However, CIOs still need to be concerned about cloud security so much so that it is essential that procedures are in place to avoid version lag and threats from new updates.

Cloud ERP opportunities and obstacles

If cloud deployments are correctly configured and an ‘evergreen’ approach to updates is adopted, not only do organizations gain cost and efficiency benefits, but they can also provide tightened security patches, and regular bug fixes, as standard parts of their ability to deliver continuous improvements.

The Software-as-a-Service (SaaS) cloud model is a highly respected replacement for businesses still using the ‘traditional’ on-premise system – as it helps reduce the update and security burden on heavily pressured in-house IT departments. CloudERPsolutions now come with an army of dedicated staff working 24x7 to ensure the SaaS solution remains secure.

Chris Clifford is Principal Security Architect at Columbus UK.

An ‘evergreen’ approach will help bypass version lag

TheMicrosoft‘evergreen’ approach to keeping ERP systems updated, whereby patches are automatically applied on a regular scheduled basis, is a major shift from previous approaches to updates held by IT departments. Once deployed and customized to be fully functional, many businesses avoid ‘rocking the boat’ with updates or patches – often leading to a significantly outdated version.

With an ‘evergreen’ approach, businesses will no longer need to be concerned about using versions of software with limited functionalities or security vulnerabilities. Cloud ERP will constantly run in the background, updating to the latest supported and security-patched version to keep on top of all updates.

Decision time: old software or operational disruption?

Cloud ERP systems can be a double-edged sword in some terms. One side secures systems from acybersecurityperspective and on the other side updates can’t be tested by ERP providers in every business environment, so there’s the low-lying risk of operational disruption when new updates are released or applied. With IT resources already stretched, many businesses do not have the time to read the update notes, making it difficult to decide if the update is worth the downtime and disruption on the user end.

To ensure there’s no unexpected threats to day-to-day operations and business continuity, getting support from a managed service provider alongside testing patch updates on critical processes prior to deployment will be vital – a task that is increasingly being automated to ease the manual burden.

Managed service providers can also help to eliminate the back-and-forth between separate providers, a proactive approach that will result in less operational downtime. It also allows companies to maximize the ROI of their ERP system without the need for heavy involvement from internal IT teams.

Human error happens but training and application security can reduce them

Crucial business systems are often compromised due to end-user mishaps, for example the 2021ransomwareattack on the Irish public health system was caused by an end user clicking on an infectedemail. Cloud became even more highly sought after, as Covid forced more staff to work remotely, due to cost saving and accessibility benefits. However, this led to an increase in cyber-vulnerabilities with corporate devices being connected to personal networks with poor security. As a result, end-user training on cybersecurity was high on the agenda for many businesses – as well as application security.

A granular approach to security means that when one account is compromised it will not affect the users access to systems and data, when configured correctly this will span across the whole organization. Cloud deployment means that if one user account goes down the whole organization, won’t go down to. Unlike for businesses using an on-premise ERP system where if one users account is attacked other critical operational applications such as factory floor or financial systems are also impacted.

Cloud ERP is not a fix all solution

An ‘evergreen’ cloud IT strategy overseen by an MSP will ensure businesses avoid pockets of disruption, reduce IT burden, offload the upkeep of cloud systems, and protect against cybersecurity threats. Organizations can now exploit the benefits of cloud to achieve new efficiencies and futureproof operations – while resolving security challenges swiftly and effectively.

We’ve featured the best cloud computing services.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Chris Clifford is Principal Security Architect at Columbus UK.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

7 myths about email security everyone should stop believing

Your doctor may have an AI assistant taking notes during your next Zoom call