Data safety is a common concern for today’s businesses—and it should be. According to an article by Tech.co, data breaches in 2022 were prolific, forcing US businesses to pay millions in damages. Combatting such data disasters is challenging, but it is possible. It all begins with implementing a secure and comprehensive ERP solution.
But businesses have a choice to make. Should they select an on-premises or a cloud-based ERP solution? Which is the safest home for their data?
Understanding the differences between the two software options can help answer these important questions.
Data Safety: Cloud Vs. On-Premises ERP Systems
Let’s start by looking at an on-premises ERP solution. It requires that a business physically purchase, maintain, and store in its own facility the hardware on which the ERP system runs. Substantial upfront and recurring costs go into storing the technology and hiring the IT staff needed to manage required operating system and database upgrades and to mitigate security/access risks. For some businesses, an on-premises ERP system causes tremendous stress, as their IT teams are constantly striving to keep the system secure and to stay ahead of incessant and increasingly elaborate cyberattacks.
In comparison, cloud-based ERP solutions allow businesses to relinquish their maintenance and security concerns to the ERP vendor. The vendor maintains the servers in its own datacenters, provides automatic software updates, upgrades the hardware as needed, and ensures that all data stored in the system is safe from today’s newest cyberattacks and most ingenious hackers. With a cloud ERP system, businesses pay a subscription fee that covers these services, which eliminates the considerable initial costs associated with on-premises ERP solutions.
Cloud ERP’s Security Capabilities
A cloud ERP solution ensures end-to-end cloud data security—from authentication to data entry, from transmitting the data to protecting it in the database. For example, cloud ERP solutions are hosted on secure platforms, like Amazon Web Services (AWS), which automatically encrypt the data that enters their global networks. They also give customers the tools to set up the processes and controls needed to comply with industry regulations (e.g., PCI DSS, HIPPA, and GDPR).
Cloud-based solutions are also designed to identify and immediately address security threats using tried-and-true methods, such as constant monitoring, frequent testing, and automatic—and regular—backups. If vulnerabilities and weaknesses do occur, the ERP vendor is responsible for finding and fixing them. For the vendor, failing to protect a business’s data results in huge monetary payouts, significant reputational damage, or both. So, it’s in the vendors’ best interest to ensure that their users’ data is safe and protected.
How Businesses Can Help Safeguard Their Own Data
Once a company has implemented a cloud ERP solution, it has taken the first and biggest step toward unrivaled security. However, even with the many cloud data security features and functionalities provided by a cloud ERP solution, businesses can—and should—play a role in safeguarding their own data.
For instance, companies should have an established access management system and protocols that help them manage employee permissions. As new users are added to the ERP system, the business must set the right permissions for these new users, thoroughly train them in proper data etiquette, and teach them to recognize cyber threats. When employees change jobs, they immediately should be assigned a new role so they get the data they need and cannot see data outside their job area. And when employees leave the company, their access permissions to the ERP system should be cancelled immediately.
Passwords are still the most common way to securely access accounts, but passwords have also become the weakest single point of security over time. Attackers have developed new ways to breach passwords much faster than ever before. Even if long, complex passwords are used, relying on a single authentication method isn’t enough. A password can be mismanaged and subsequently stolen or guessed through a specialized cyberattack.
Using multiple-factor authentication (MFA) enhances account security. According to Microsoft, 99.9% of account compromise cyberattacks can be prevented by just enabling MFA for company or personal accounts. From a corporate point of view, MFA can and should be enforced for all the accounts in an organization.
Beyond internal considerations, businesses must also remember that, as Forrester predicted for 2022, “Sixty percent of security incidents will result from issues with third parties.” Data breaches may stem from the third-party applications a company uses to manage its business operations and extend the functionality of its cloud ERP system. Or they may come through different links in the company’s supply chain—links with which the business has had to share proprietary information.
Unfortunately, though all inbound and outbound data does go through the cloud ERP system’s business logic, the ERP vendors themselves do not control all these third-party integrations or supply chain links. Businesses must regularly review the safety of their applications and establish protocols for carefully sharing information with their supply chains.
How Acumatica Can Help
To recap, on-premises ERP systems are popular with many businesses, but the data stored in these systems is vulnerable to sophisticated cyberattacks or insider mistakes. Maintaining an on-premises ERP solution’s hardware and software, managing upgrades, and researching and battling the latest viruses and malware concerns requires more time and money than most businesses can provide—particularly because these things rest squarely on the shoulders of already overextended IT teams.
But, with Acumatica’s modern cloud ERP solution, businesses can rest easy knowing their information is in the best hands and is well protected by Acumatica’s dependable layers of cloud data security. These layers are described in detail below.
- Access Security
- Object-level access controls allow you to set up role-based access to specific screens, inquiries, fields, and reports.
- Your data is protected by federated security through the use of Single-Sign-On (SSO) and Multifactor Authentications options (MFA).
- Data Security and Integrity
- For every screen, inquiry, and report, you control the setup of access permissions for user accounts, sub-accounts, customers, financial accounts and much more. These permissions are automatically enforced by every screen and report.
- Any data entered by a user, whether it is in the main program or via an API integrated function, is neither trusted nor accepted until it has been processed through every facet of Acumatica’s business logic.
- Application Security
- Application code and verification logic are entirely managed on the Acumatica server. New code is introduced via highest-quality, industry-standard procedures, and regular audits ensure these processes are followed and maintained.
- Acumatica’s hosted SaaS environment utilizes a NextGen Web Application security solution that continuously monitors and protects your information from malicious attacks that could result in a data breach.
- Transmission Security
- To ensure the integrityof data packets during transmission, Acumatica encrypts all connectivity via web browser and through all API integrations.
- For network data transmissions, Acumatica utilizes the following encryption algorithms:
- Advanced Encryption Standard (AES) 128, 192 or 256-bit encryption
- TLS 1.2
- Storage Security
- Data stored in your Acumatica Database instance, whether on hosted SaaS or an on-premise server, is encrypted.
- Sensitive data is only accessible through the Acumatica business logic.
- Physical Security
- All application code runs on Acumatica servers, which are maintained in a professionally secured datacenter.
Acumatica customer Elena Mheidze (CFO, Erickson International) experienced firsthand the relief Acumatica’s safeguards and security layers provide.
Mheidze and her team were relying on Sage 100, which was difficult to implement and ran slowly on Erickson International’s on-premises servers. Mheidze says, “With Sage 100, we had to maintain a server, and that server had a lot of associated costs. So, removing the headache to maintain the on-premises system was the number one reason we chose to go with Acumatica.”
Today, Erickson International relies on Acumatica and AWS for automatic back up and security procedures. Says Mheidze, “Before, there were a lot of costs, maintenance, and roadblocks about security. I was constantly worried. Now, all I need is a solid internet connection to get to the ERP [solution] from anywhere.”
To learn more about how Acumatica and our hosting partners ensure 24/7 cloud data security for businesses like Erickson International, contact our experts with any questions and/or to schedule a demonstration.
Is cloud ERP safe? The answer is a resounding “yes” with Acumatica.