ERP Implementation

How Will The NSA Scandal Affect ERP Software?

Written by Chandler Hutchison | Jun 16, 2014 5:00:00 AM
 

The warrantless searches performed by the NSA on Americans’ phone calls, emails, Google searches and even social media interactions have broken every security policy, compliance requirement and audit regime, creating quite a buzz. The fact that the NSA has been spying on everyone’s data affects not only regular people, but also companies along with the top IT players.

Tech Leaders Start to Fight Back

Many US and foreign organizations not only have moved their data onto clouds outside the country; they also have decided to boost IT security measures. Technology leaders, including Microsoft, Apple, Cisco, Google and Yahoo, are currently supporting campaigns against secret surveillance, while raising awareness about the importance of cybersecurity and pressuring government to adopt a stronger version of the USA Freedom Act bill. All these affect the entire IT industry. But the most important thing for a business owner is the degree to which the NSA scandal has impacted the IT sectors, including new ERP software development and adoption. Are the current ERP systems, especially the could-based solutions, really safe to use?

Recent studies have pointed out that the revelation of NSA surveillance has minimally affected the development and adoption of cloud-based ERP software, with 43 percent of IT professionals still recommending cloud-hosted solutions compared to 47 percent before the NSA’s surveillance program to be disclosed.

However, what many people don’t know is that the NSA has the right to access data, whether it’s on a private or public cloud. This means that the Agency can legally demand information from any US-based company, even if the company in question preserves data for foreign-owned enterprises. Furthermore, the NSA can access and inspect encrypted data as it travels over public and private clouds without asking for permission beforehand.

How Does Data Collection Affect Your Organization?

Leaving aside the fact that your organization relies on the trust of users to do business and the NSA’s access to sensitive data has damaged that trust, you have no reasons to worry about data collection if your company has no connections with terrorists.

Another important point is that even though cloud-based ERP systems, such as Dynamics AX and Acumatica, offer services over the cloud – which means that your business data can be accessed by anyone, including the NSA – software developers are building their businesses around data security. This means that they can protect your data along with the sensitive information of your customers much better than you can. Further, ERP developers are planning to strengthen IT security in order to respond to the “NSA threat.”  

The downside? Developing new technologies for more secure data communication and storage comes with two major drawbacks:

  1. ERP systems will be more expensive
  2. They’ll be more difficult to deploy and maintain

Although encryption keys and special tools already exist to secure data transfer and storage, more advanced security techniques must be implemented. Considering the computing power of the NSA, IT developers are planning to adopt extraordinary measures to secure data, including changing software architecture, encrypting internal traffic, developing strong-enough proxies to hide search activities, monitoring gateways, ATPs and endpoint security continuously, and finding new ways to protect and manage encryption keys. Most solutions will probably be ridiculously cumbersome, irritating and confusing to use, eventually leading to a variety of issues, such as limited traffic, errors and disruptions. All these are expected to cost US companies lots of time and money – two luxuries hard to come by in a slow economy.

The Solution: Cloud-Based or Closed IT Systems?

You can easily avoid a series of problems by developing a closed IT system. But the inconveniences typically accompanying this system will far outweigh the extra data protection it may provide. Some of the inconveniences you may encounter include failure to recover data after a system crash, impossibility to gain access to business information from other locations and inability to update and share data in real time. In addition, creating a closed IT system requires a large upfront investment in IT infrastructure and office space.

In conclusion, opting for a cloud-based ERP solution is the best decision you can take in order to benefit from a flexible infrastructure capable to manage organizational growth both horizontally and vertically.