ERP systems–the systems central to many businesses’ operations–are becoming the prime target for cyber attackers. ERP systems contain a treasure trove of information from across the entire organization. From company financials and intellectual property to sensitive personnel and vendor information–everything.
These bad actors are deploying a form of malware that provides quick returns–ransomware. Ransomware locks a business out of their own systems, denying them access to any data. Once deployed, the malicious actors extort payment from the victim.
Attackers often use malware and phishing techniques to target individual employees. This can be the easiest way to gain access to a company’s systems.
To protect your data from a security breach & other incidents:
- Back up your system(s) on a regular basis. Including the system itself and all relevant data.
- Test the backups to check data integrity and ensure they are not infected
- Store backups in a separate disconnected location (not accessible from a network).
Ways you can help prevent malware infections include:
- Train the members of your organization. Provide regular cybersecurity training on how to spot and avoid malware & phishing attacks. Update training as any new threats or approaches used by bad actors arise.
- Require the use of strong passwords. Stress the importance of using unique ones.
- Install and maintain preventative software programs like antivirus, email filters and firewalls.
- Update and patch your computers. The latest OS updates are often the first to address vulnerabilities after they are arise.
- Install ERP software updates as soon as possible.
- Stay up-to-date on any security issues of your ERP.
- Install two-factor authentication where available.
- Limit access to Internet-facing ERP.
- Improve security of integrations.
Check the Cybersecurity & Infrastructure Security Agency (CISA) website for more detailed information. Also see CISA’s ransomware guide (PDF).
Contact us if you would like help assessing the security of your ERP system.