
Data Security: The Age of Mobile ERP Applications

Written by Chandler Hutchison | Jun 9, 2014 5:00:00 AM

 

A few weeks ago, Heartbleed – considered one of the worst security vulnerabilities in the history of the Internet – shook up the entire digital world. Exposing sensitive data, such as usernames, passwords, and credit card information, Heartbleed has affected thousands of Internet users.

However, bad things happen for a reason. The Heartbleed bug has shown once again how vulnerable information systems can be when they aren’t properly protected against malicious online behavior. Further, it has revealed a terrible truth, namely that most people are overconfident in the effectiveness of their Internet security practices.

Protecting Data

New concepts, such as BYOD (Bring Your Own Device) and BYOC (Bring Your Own Cloud), encourage mobile enterprise app development, requiring new security planning to manage the changes in how data is handled and prevent potential security threats from occurring. Since enterprise mobility is expected to gain more and more ground, controlling access to corporate data is about to become a huge challenge.

If you have your own servers, protecting enterprise data shouldn’t be a problem. But what happens when information is distributed across mobile ERP apps? Although controlling how data is handled by employees and customers can be difficult, it’s not impossible. In fact, an effective organization should be able to find the perfect balance between protecting sensitive information and providing access to data so that users’ expectations are met. How can you handle these two aspects without compromising data security and jeopardizing your organization?

Assessing the Latest Security Requirements

Understanding system security vulnerabilities enables you to address concerns head on and implement appropriate measures.

For instance, a typical Dynamics AX deployment model includes sensitive business and customer data, computer code, network connectivity frameworks, and physical infrastructure. Since mobile ERP apps imply data distribution across both private and public networks, AX provides varying degrees of security.

Imagine a pyramid with the least secure environment (the Internet) on top and the most secure environment (the Intranet) at the bottom. These two areas are connected through successive security layers, which form the perimeter network or screened subnet and contain the public-facing infrastructure that handles user access.

Regardless of how users connect with Dynamics AX, be it via web browsers, virtual private networks, or point-of-sale terminals, an external firewall filters incoming traffic and accesses specific protocols to direct traffic toward appropriate destination ports based on users’ roles. If users are not assigned to roles, they’re unable to access information. A second firewall filters and directs users based on apps, ports, and sources. Dynamics AX also allows you to develop security threat models for more efficient vulnerability identification and remediation.

Now that you know how Dynamics AX's security tool works, it’s time to find out what areas it protects. Focusing on mobile ERP more than other software developers, Microsoft has complemented AX with the following security features:  

  • App Security – App security comprises user authentication and code management. User authentication, which relies on usernames and passwords, is essential in establishing data rights and recording activity. Additionally, Dynamics AX can be set up to restrict access based on IP address. To ensure a high level of security, AX runs all code on servers and treats all users as untrusted.
  • Data Security – Dynamics AX provides various levels of data security. For example, while some users may have ‘read-only’ access, others are allowed to create, edit, approve, and delete documents.
  • Access Security – Access security stops malicious users from gaining access to sensitive data. Lack of access security provides hackers with a way in, making it easier for them to retrieve sensitive information.
  • Transmission and Storage Security – AX can be configured to use SSL encryption when information is transferred across public networks. Further, sensitive data can be encrypted before it is saved in the database.
  • Physical Security – As with other mobile ERP systems, the physical environment of Dynamics AX can be located off-premise. This prevents people with malicious intent from physically accessing hardware.

Perhaps you’re unfamiliar with certain mobile ERP security measures, which may be quite different from those of on-site software products. However, once you understand them, you’ll be able to set up your ERP solution to be more secure than any traditional on-premise system.