Hacker Tricks from Insiders A Threat to ERP Systems

Today, with the extensive use of ERP systems world wide, there has also been a flanking growth in security related issues. And although ERP security plans aim at keeping outside intruders from gaining entry to a system’s inner network, the problem gets even bigger when hackers get illegal access to the information on ERP transactions, and when they spread Malware such as worms, spyware and viruses.

One of the main ERP business issues in our internet age is the increase in the number of these so called hackers, with some of them even hosting their own virus-filled websites. While some of them do this for financial gains, others just do it for fun. Largely, security in ERP requires a fresh approach; one that not just focuses on data but also on the security of the transactions involved.

While threats from outsider intrusions and attacks continue to go up, the chances for insider systems misuse has also grown by a long way. The fact is that, at the level of transaction, security flaws can be used more often than not by people inside the system. Although many of the available ERP systems present data encryption features which restrict people from exporting any files, it doesn’t satisfy the need for security from fraudulent insiders who take advantage of the authorization they have.

Though ERP systems have used audit logs for keeping an eye on the transactions made by an insider, or any updates in the system; these don’t give much information on whether the transaction was actually necessary or appropriate. And even though suspicious transactions can be sorted out by internal auditors; many organizations don’t install the audit log feature for their ERP system, as some believe that it may affect the performance of the employees.

What’s more, ERP applications continue to be susceptible to security attacks from outsiders as well, as anyone can now break feeble passwords with plain dictionary attacks. On the other hand, some of the most destructive hacker tricks arrive with the use of social engineering, which is about fooling people into giving out their identification details. Meanwhile, many companies have cut down on security related measures that focus on insiders, as they feel that it may act like an added overhead for their employees, and as it appears to affect their efficiency in carrying out their work.

Overall, the threat from insiders seems like the one that causes most of the security issues in organizations these days. And it does look like the future of ERP security would be all about identifying improper use of the system by users inside the organization. After recognizing the significant shortage in ERP security for protecting from insider threats, leading businesses are now using methods that continuously monitor transactions made by authorized users. These work by identifying suspicious transactions and checking whether it is linked to any fraudulent activity. So, if any employee appears to be doing some hacking-like activity, he or she can be instantly contacted though voip and questioned about the reason for such a transaction

Related Post:

computer

• Take a better selfie with Lily
• Free Lecture The Psychology of Computer Insecurity
• MOOC Research and Innovation
• Calculating Ada The Countess of Computing
• When can Quantum Annealing win
• Creating a templated Binary Search Tree Class in C
• Projecting without a projector sharing your smartphone content onto an arbitrary display
• Will a robot take your job
• Facebook Introduces ‘Hack ’ the programming language of the future
• High Resolution Scary Haunted House Wallpapers for Desktop
• TYBSC IT Sem V Question Papers 2009 Mumbai University
• Home automation update
• Very easy to download youtube videos audio mp3 format
• HD Dark Desktop Background Wallpapers Download
• Launching the Quantum Artificial Intelligence Lab
• Syrias children learn to code with the Raspberry Pi
• Running omxplayer from the command line easily using alias
• Largest collection of Google Logos on the web Set 7
• Collection of SQL queries with Answer and Output Set 2
• Prevent access to specific partition or drive
• Summer Games Learn to Program
• PiAUISuite Update and Voicecommand v3 1
• Sign in to edx org with Google and Facebook and
• Large Scale Machine Learning for Drug Discovery

a

• Take a better selfie with Lily
• Calculating Ada The Countess of Computing
• Creating a templated Binary Search Tree Class in C
• Projecting without a projector sharing your smartphone content onto an arbitrary display
• Will a robot take your job
• Forget Turing the Lovelace Test Has a Better Shot at Spotting AI
• A Billion Words Because todays language modeling standard should be higher
• Apple is building a car
• A step closer to quantum computation with Quantum Error Correction
• Could you fly a fighter jet with your mind
• Mounting the home directory on a different drive on the Raspberry Pi
• How Google Translate squeezes deep learning onto a phone
• The Plan to Build a Massive Online Brain for All the World’s Robots
• A Beginner’s Guide to Deep Neural Networks
• How to Copy or Hide a File inside an Image
• The life of a software engineer
• A Farewell to Orkut
• A Project on Windows NT
• Building A Visual Planetary Time Machine
• 10 awesome internet hacks to make your life better
• Google Databoard A new way to explore industry research
• How to put a flash mp3 player in blogger post
• A year and a bit with Inbox Zero
• Map of Life A preview of how to evaluate species conservation with Google Earth Engine

erp

• ERP PPT Presentation on Ecolab INDIA