Lets Talk

The Big Mobile ERP Challenge of Keeping Systems Secure

Share This Post

Because we have so much of ‘smartness’ around us, the way we work has also become a lot smarter.

We have ditched those run-of-the-mill desks and grabbed technology to do business. Smartphone’s and tablet PCs, specifically, are being extensively endorsed and employed, not just for the purpose of communication, but also for executing all traditional business tasks, of course, in a digital way.

Enterprise Resource Planning (ERP) is no exception; such systems of today, are riding on ‘mobile’ wheels. Innovation is dynamic and benefits are many.

Companies need to prepare employees for the use of mobile ERP systems,” says Viesturs Zalaiskalns, Channel Manager at HansaWorld, a technology leader and major software house.

But, this entire concept has also arrived with a number of challenges, security being the prime one. ERP systems are vulnerable to breaches, because it is has been jumbled up into a hotchpotch with so many other systems. Mobile ERP has come under the radar, big time.

In a report presented by the Ponemon Institute, 6 out of 10 data hacks happen because of insecure mobile devices. So, what are these vulnerabilities and more importantly, how to overcome them?

Issues in device ownership:

It is the age of BYOD (Bring Your Own Device). But, somehow, this is hampering mobile ERP.

Employee-owned devices blur the lines between personal and professional lives,” says Jeremy Waterman, MD of Sage ERP Africa and Middle East.

Indeed, mobile device management is very difficult. Enterprises usually issue the devices to employees to keep a strict eye on their activities. But, the employees insist on BYOD to access corporate data, instead. This is kind of a hassle, because enterprises fail to control personal devices like the corporate one.

A solution to this problem is to have stringent and documented data ownership policies so that employees don’t take their freedom too far. There should be a fine, defined line between what’s personal and what’s corporate.


No living being on this planet is as distrustful as humans are. They are the biggest threats to ERP system security, overcoming which, is a daunting task. Being responsible about passwords and authentications is not everyone’s habit, not to mention the mindless actions some indulge in.

For instance, say that you have been sharing passwords with a colleague of yours, because you are forgetful. How sure are you that the credentials will never be misused? And, what if you happen to get into a bitter relationship with this person in future?

Although there is nothing much you can do about this issue, a good way is to make employees realize the necessity of secrecy in the corporate world. It is only with responsible hired hands, can we manage a stable ERP system.

Don’t assume that because some users are mature, they will always act responsibly. Whenever possible, the organization should assist in pushing users toward responsibility.” – Inside-ERP.

Software that hit stealthily:

The digital world calls them malware. These software are fast becoming one of the biggest Mobile ERP challenges. With insecure net connections and networks, there has been a deadly gush of Trojans and other virus programs, most of which manage to fly under the radar.

These malware are designed in such a way that they go undetected and hit weak mobile devices hard, whenever, wherever they wish.

A good way to overcome malware is to install antimalware in every mobile device that connects to an ERP system. Also, sensitive and confidential data should not be kept in these devices so as to double the protection.

Multi-Factor Authentication (MFA) also helps in securing such systems with its conditional-access criteria. Also, with controlled wireless access, the influx of hackers and malware can be kept at a tight check.

Still and all, security of Mobile ERP systems is a big challenge. The issues can be dismissed only when the value of the concept really dawns on the people using it. Related policies should be reviewed and re-developed, people should be educated and connections should be monitored more closely. Only then can we expect fully secured systems serving great for business management.