Using EnterpriseOne on your server might be a security risk

Running EnterpriseOne on your own server is currently available only to corporate clients with special needs. Such clients can manage all the security, infrastructure and system requirements needed to run EnterpriseOne Server. It is also important to note that running your own installation of EnterpriseOne Server is a costly operation, which is justified in very few real-world cases. Running and monitoring the server software is a delicate and time-intensive operation.

There are also some legacy clients who, although not corporate, still manage their own server installations, licensed at a time when this was still possible.

These non-corporate clients might be at security risk without even recognizing the danger.

THE ISSUES

This is a short summary of some of the issues with hosting your own installation of EnterpriseOne Server:

1. Data protection

Most such clients think that their software is "with them" and "behind closed doors". This might be a dangerous misbelief. Although the data might be near them, this doesn't mean it is fully protected from the dangers of the Internet. Practically 100% of modern business networks are connected to the Internet in one way or another. And while the proximity of the data might soothe the management, the reality might be that their data is much easier to compromise than data placed in a protected data center.

This is not only a mistake by the management, however. Often, the local sysadmins mislead the management into believing that storing the data locally is the safest option. So, re-hosting the installation in a data center (DC) is not even discussed at management level. The reality is that, except for a few corporations, government agencies or hosting-specific IT companies, businesses cannot provide protection that is anywhere near the level of protection and 24/7 real-time monitoring provided with EnterpriseOne hosting.

2. Frequent OS, database and related software updates

Each new version requires some new piece of software in order to run properly. New versions are developed at a fast pace, requiring frequent modernization of the server environment. This might be both a financial and an operational challenge for the client.

3. Real-time monitoring

Perhaps this is the single most overlooked issue with hosting EnterpriseOne Server yourself. Management and even local sysadmins often simply do not organize any kind of real-time monitoring of the installation. This can lead to many issues, from data being compromised without anyone noticing to many kinds of performance problems.

4. Performance optimization

Usually, clients who manage their own installations think that performance is the sole responsibility of the ERP vendor. This could not be further from the truth! Most performance problems stem from problems that go unnoticed in the local installation. Even when the problem is in the way the ERP works, it is usually something specific to the client.

One thing to understand is that performance optimization is not a one-shot story. Optimizing performance requires careful monitoring of data access trends. It requires building a baseline and monitoring the changes. Only such a level of scrutiny can provide the proper input for a bug report to be filed with the vendor.

Another thing is that hosted installations of EnterpriseOne Server are monitored for performance problems 24/7. When a client has a performance problem (or even without the client noticing!), the hosting team usually has all the necessary data to file a bug report.

5. Managing the server installation of EnterpriseOne

Managing the server installation of EnterpriseOne has specific requirements, which also change over time. As the developer of the ERP software, we fully understand these requirements and request the necessary changes to the underlying infrastructure. Small improvements are frequently tested and applied to the infrastructure. Constant optimization is the way things operate.

Even experienced hosting and system administration companies cannot cater better to the unique "needs" of our server software than we can. This is the reason why even hosting, hardware and software companies using our software use it as a service (and do not privately host it)!

THE CONCERNS

Now, having sorted the issues out, let's take a look at the concerns. Usually, the primary concern is that the data might be compromised by the hosting provider itself (us). So, I want to elaborate on exactly this.

The teams at partner companies who support customer deployments have only user-level access to the ERP systems. The same goes for the employees of the ERP vendor. The data is actually hosted in separate, physically protected data centers, which are located in different physical locations.

The support teams need a normal user name and password in order to log in to the customers' databases. It is very much the same as when they support a customer with its own installation. In fact, many customers with their own installations, when in need of support, actually provide full access to their Windows Server and SQL Server. This is because it is usually the same server as the EnterpriseOne Application Server! This is not the case in a hosted environment; things work in a much more secure and monitored way there.

The developers. They simply don't have access to the production databases. Period.

In a data center environment, things run in a very reliable way. The technicians who have actual access to the server hardware use a special security protocol for doing so. Each access is allowed after a special request is filed for that occurrence (with a time limit, etc.). The request is approved trilaterally: by the data center, by an infrastructure manager and by an ERP vendor official. So, actual compromise is very, very hard.

Yes, no organizational system can provide 100% protection. And yes, the human factor is the biggest risk. But in reality, the risk that a single internal employee at the customer's site can compromise the data is much bigger than the risk with data center hosting.
