ERP Security The Path There and Why It Matters

ERP Security: The Path There and Why It Matters

by John Stewart, Anthony Rotolo
January 19, 2021

There are many reasons why companies implement ERP systems. Amongst these are gaining the ability to scale your business, increasing the productivity of your teams, and gaining access to valuable insights that otherwise would never be available. All of this is great and can help your business immensely, but the vulnerabilities that come with it should never be overlooked.

With Growth Comes Risk

Most reasoning behind implementing an ERP includes growth, and with growth comes risk. We have witnessed the repercussions of growth left unregulated and unchecked over and over again. Most recently we have seen this in the recessions that came in the early and late 2000s. We have seen policy and regulations grow out of these crises and evolve into various regulatory systems in place today.

Because of this, many businesses pay accounting firms to make sure they are compliant and money isn’t leaking out of their business through holes in their processes. The growth that leads to an ERP implementation only widens these potential holes. While there are huge benefits that come out of implementing an ERP, many of them can be negated if the ERP system doesn’t have a robust security solution built into it to prevent issues such as hacking breaches or fraud.

A Proactive Approach Saves You Money Over Time

Having worked on various ERP security engagements, I have seen multiple approaches taken to maintain a strong security infrastructure. I have seen companies cleaning up their security years after they implement an ERP system by bringing in consultants to fix major gaps in their security infrastructure. These companies tend to have significant risks in their systems, a simple example being granting their entire accounting department access to create vendors, create payments and approve payments.

I have also seen companies take a proactive approach to security and invest in it before they even go live on a new ERP. In these cases, the clients have spent significantly less on the initial implementation of a strong security infrastructure than they would spend having to clean it up down the line. I have seen companies spend less money on an initial investment in security configuration before go-live then other companies have paid to clean up a small handful of segregation of duties conflicts in their system 10 years after going live. And that doesn’t include all of the auditor costs involved.

A major reason for this is the time that must be spent properly documenting changes to a live system. Not only does it take tremendous amounts of time and manual, tedious labor to go into a live system and find all of the security holes — to be compliant, many companies have strict documentation requirements for any and all changes to their ERP. The labor cost is astronomical.

So, if you are considering an ERP implementation, plan to invest in a strong security infrastructure during implementation. It will mitigate your risks as you grow and save you time and money in the years ahead.

To learn more about ERP security for your organization, reach out to our experts.

January 19, 2021

Stay In Touch

Sign up to stay up-to-date with the latest accounting regulations, best practices, industry news and technology insights to run your business.

Author
John Stewart - Consulting| Armanino
Managing Director
Anthony Rotolo  - Consultant | Armanino
Strategy Consultant
Resources
More News and Insights
Bitcoin Goes Public
Webinar
Learn why public companies are buying Bitcoin by the billions and what it could mean for your business.

March 3, 2021 | 10:00 AM – 11:00 AM PST
Maximizing Founder Wealth Creation Through Effective Tax and Finance Strategies
Webinar
Gain insights on tax optimization, corporate finance and dilution.

March 3, 2021 | 10:00 AM – 11:00 AM PST
Case Studies
Case Study
Telecom company deployed Dynamics 365 Finance & Operations to modernize and automate business processes.