|
ERP Security
While most information security initiatives focus on perimeter security to keep outsiders from gaining access to the internal network, the potential for real financial loss comes from the risk of outsiders acting as authorized users to generate damaging transactions within business systems. Security in the e-business, integrated enterprise resource planning (ERP) world requires a new way of thinking about security - not just about the bits and bytes of network traffic, but about business transactions that inflict financial losses from systems-based fraud, abuse and errors.
-
Most ERP systems Security and Authorization require extensive knowledge of security capabilities.
-
The common ERP security “Out of the box” system security definitions are not necessarily correlate to organizational security policy or sufficient.
-
The ERP database contains sensitive information in a variety of subjects such as: human resources, building of materials, financial information, customer data, sales data etc; Therefore is target for data exposure scenarios.
-
Web information security risks are also relevant to Web-based ERP systems. Risks such as data exposure over TCP/IP and internet, data storage in cookies, session management and other risks are added to those listed above.
Avnet Information Systems Security & Risk Management has developed a unique and innovative methodology of combining information security in assimilation projects of ERP systems starting from the initial phase, through the development and customization and up to the post launch support.
|
