Cyberattacks in 2023: so frequent?
According to the annual barometer of CESIN (Club of Information and Digital
Security Experts), more than half of the French companies surveyed suffered at
least one cyberattack in 2021. This counts only successful attacks with visible
repercussions for the victim companies. The impact was sometimes severe: 1 in 6
victims believe that the survival of their company was put at risk.
Among the attack vectors used, phishing remains the most frequent (73% of the
attacks suffered), followed by the exploitation of security vulnerabilities
(53% of victims). In addition, ransomware attacks affected 1 in 5 businesses.
Contrary to a common belief, a server hosted on the company's premises with no
connection to the web is not an effective protection: phishing e-mails often
reach it through unprotected internal network flows. Moreover, the massive
shift to telework caused by Covid-19 has considerably increased both the number
of attacks and the number of victims, because some companies were not ready to
provide secure access to their system from the outside. To react, IT teams had
to prioritise these topics at the expense of other optimisation projects in the
company.
Availability of ERP in the company
The management system of a VSE, SME or mid-sized company (ETI) is crucial
because it is what makes it possible to buy, produce, sell, invoice, and so on.
The cost of a single day of system unavailability is therefore far from
negligible; now imagine a month. And what if the ERP solution can no longer be
restarted and all system data is corrupted and lost? The losses become abysmal,
and some costs are less visible: loss of customer confidence, depreciation of
the brand's value, higher insurance premiums...
These scenarios are extremely serious and, although less frequent, they do
occur. More and more manufacturers are therefore taking out cyber insurance.
Unfortunately, insurance will never give back the lost time; on the other hand,
the compensation can in many cases save the victim company. Insurers are aware
of the risks, however, and will not cover every solution: subscribing requires
meeting many security criteria, including technical aspects such as the versions
of the technical components and operating systems used, current hardware
warranty contracts, and so on. These requirements are therefore closely tied to
the technologies of the ERP software and its hosting mode.
Secure access to the ERP
As for all critical applications, the first bulwark against cyberattacks is
authentication. To guarantee the highest level of security, certain standards
have become essential, such as the standardised OAuth2 (authorisation) and
SAML 2.0 (identity provider) protocols. Access security can be completed with
multi-factor authentication: for example, entering a code generated by a token
or approving the login in a smartphone application. These access restrictions
are not incompatible with a better user experience, since respecting these
standards makes single sign-on (SSO) possible: the company directory then
centralises access to applications and opens the whole ecosystem with a single
login.
Few ERPs offer this type of authentication as standard. Sylob offers such an
access system in its Cloud deployment (OAuth2, SAML 2.0, SSO); it is constantly
updated to maintain its effectiveness and to take account of the latest threats
and advances in this area.
Encrypted company data
In the event of malicious access to the system, all data must be encrypted in
order to prevent any illegal exploitation. There are several levels of
encryption, in which only the publisher and/or the Cloud provider holds the
decryption keys. Thus, in the event of a data leak, the AES-256 encryption
standard makes all the recovered information unreadable to anyone who does not
hold those keys.
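To make the point above concrete, here is an added Go example (not Sylob's implementation, which the page does not describe) of encrypting a record with AES-256 in GCM mode, where the key is held apart from the data. It shows the two properties that matter for a leak: a copy of the stored blob is useless without the key, and any modification of the blob, or an attempt to attach it to a different record, is detected rather than decrypted into garbage. The record contents and the identifier "invoice:1001" are constructed sample values.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// KeySize is the AES-256 key length in bytes.
const KeySize = 32

func newGCM(key []byte) (cipher.AEAD, error) {
	if len(key) != KeySize {
		return nil, fmt.Errorf("AES-256 needs a %d-byte key, got %d", KeySize, len(key))
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt seals a record with AES-256-GCM. The result is nonce || ciphertext || tag.
// aad (for example the record's identifier) is authenticated but not encrypted,
// so a stored ciphertext cannot be quietly moved to a different record.
func Encrypt(key, plaintext, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize()) // fresh random nonce per record
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// Decrypt opens a blob produced by Encrypt. A wrong key, a modified byte or a
// mismatched aad yields an error rather than silently returning garbage.
func Decrypt(key, blob, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize()+gcm.Overhead() {
		return nil, errors.New("ciphertext too short")
	}
	nonce, ct := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, aad)
}

func main() {
	// In production the key lives in the provider's key management service,
	// never in the same store as the data.
	key := make([]byte, KeySize)
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	record := []byte("customer=ACME;total=1200.00") // constructed sample ERP record
	id := []byte("invoice:1001")                    // constructed record identifier
	blob, err := Encrypt(key, record, id)
	if err != nil {
		panic(err)
	}
	fmt.Printf("stored blob: %x\n", blob)

	// Someone holding a leaked copy of the blob but not the key gets an error.
	leakedOnly := make([]byte, KeySize)
	if _, err := Decrypt(leakedOnly, blob, id); err != nil {
		fmt.Println("without the key:", err)
	}
	pt, err := Decrypt(key, blob, id)
	fmt.Println("with the key:", string(pt), err == nil && bytes.Equal(pt, record))
}
```

Note that "encrypted at rest" only protects against a leak of the storage layer: a process that runs with the key, or an attacker who has taken over the application, reads the data in clear, which is why the access controls of the previous section come first.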
ERP backups
In the event of data corruption and/or infection, the backup system for the
ERP data and application configuration is just as important. It also serves
purposes unrelated to cyberattacks (human error, malicious action, etc.).
Effective backup management works at two levels. First, backups taken on a
rolling basis every few hours make it possible to return to a recent state,
with little or no loss of data; when the incident is reported quickly, this is
the ideal procedure because it has little impact on the company. Secondly, it
must also be possible to return to a much older state, for example 2 weeks
earlier. It is indeed common for the corruption to be discovered only after a
delay of several days or even several weeks, the attack having lain dormant
over that period and therefore not yet being visible.
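The two tiers described above can be expressed as a retention rule, and the dormant-attack case as a query against it. The Go program below is an added example, not Sylob's backup tooling: Retain keeps every snapshot of the last 24 hours plus one snapshot per day for 14 days, and LatestBefore picks the newest retained snapshot that predates the estimated compromise, reporting failure when the retention window turns out to be shorter than the attacker's dwell time. The snapshot history and the dates are constructed.

```go
package main

import (
	"fmt"
	"sort"
	"time"
)

// Policy is a two-tier retention scheme: every snapshot taken within Recent is
// kept (the rolling short-term tier), and beyond that one snapshot per UTC day
// is kept up to Daily in the past (the long-term tier).
type Policy struct {
	Recent time.Duration
	Daily  time.Duration
}

// Retain returns the snapshots to keep under the policy, newest first.
func Retain(now time.Time, snaps []time.Time, p Policy) []time.Time {
	sorted := append([]time.Time(nil), snaps...)
	sort.Slice(sorted, func(i, j int) bool { return sorted[i].After(sorted[j]) })

	keep := []time.Time{}
	seenDay := map[string]bool{}
	for _, s := range sorted {
		age := now.Sub(s)
		switch {
		case age < 0:
			continue // timestamp in the future: clock skew, never a valid restore point
		case age <= p.Recent:
			keep = append(keep, s)
		case age <= p.Daily:
			day := s.UTC().Format("2006-01-02")
			if !seenDay[day] {
				seenDay[day] = true // first hit is the newest of that day, since sorted descending
				keep = append(keep, s)
			}
		}
	}
	return keep
}

// LatestBefore picks the restore point for a dormant attack: the newest
// snapshot strictly older than cutoff, the estimated time of compromise.
// ok is false when no retained snapshot predates the compromise, i.e. the
// retention window was shorter than the attacker's dwell time.
func LatestBefore(snaps []time.Time, cutoff time.Time) (best time.Time, ok bool) {
	for _, s := range snaps {
		if s.Before(cutoff) && (!ok || s.After(best)) {
			best, ok = s, true
		}
	}
	return best, ok
}

func main() {
	now := time.Date(2023, 3, 15, 12, 0, 0, 0, time.UTC)
	// Constructed history: one snapshot per hour for the last 20 days.
	var snaps []time.Time
	for h := 0; h < 20*24; h++ {
		snaps = append(snaps, now.Add(-time.Duration(h)*time.Hour))
	}
	policy := Policy{Recent: 24 * time.Hour, Daily: 14 * 24 * time.Hour}
	kept := Retain(now, snaps, policy)
	fmt.Printf("%d snapshots taken, %d retained\n", len(snaps), len(kept))

	compromised := now.Add(-10 * 24 * time.Hour) // discovered today, dormant for 10 days
	if rp, ok := LatestBefore(kept, compromised); ok {
		fmt.Println("restore from:", rp.Format(time.RFC3339))
	} else {
		fmt.Println("no clean snapshot left: retention is shorter than the dwell time")
	}
}
```

Two practical points follow from the code: the long-term tier is what covers the "discovered weeks later" case, so its length should be chosen against realistic dwell times rather than storage cost alone, and a restore point is only useful if the snapshot was tested to restore, which is the third question in the checklist at the end of this article.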
ERP technologies
ERP software is built from programming languages, libraries, technical
components, etc. Each of these layers can become a vulnerability once it is
outdated. These weaknesses are greatly reduced in the latest versions; however,
to be able to use them, all the layers must be compatible with each other.
Ultimately, updating a simple component sometimes requires replacing another
component with considerable impact, such as an obsolete display layer. In that
case, all the ERP screens have to be reworked by the publisher and the
investment is not sustainable. As a result, it is impossible to deploy a
complete, up-to-date configuration.
For Sylob ERP, these configurations are updated with each major version. The
investments are sometimes heavy for the publisher, but they guarantee the
durability of the solution; to deploy Sylob in a high-level Cloud, these steps
are simply mandatory. To streamline this configuration management work,
deployment in containers was chosen, as for most SaaS solutions. These updates
are thus becoming increasingly transparent for DevOps teams and for user
companies, reducing service interruptions from a few hours previously to only a
few minutes now.
Choosing a secure ERP: how to navigate?
When choosing an ERP, it is difficult to assess the resilience and the possible vulnerabilities of the software being compared. There are, however, a number of questions you can ask to inform your choice; here are several examples:
- What technical content was deployed in past major releases? The release notes tell you whether technical security updates really happened and whether components are kept from becoming obsolete.
- What percentage of customers use the latest version of the ERP? A low rate means that the latest versions are difficult to deploy or too expensive.
- How many backups are offered and how often? How are they checked to be functional in case of real need?
- Is the data encrypted, and how?
- What authentication protocols are used and how are they updated? If no standard is respected, or if it does not keep pace with developments in terms of vulnerabilities, access to the system is a major weakness.
- What software does the ERP depend on? If it is accessed from a web browser (full-web solution), only the browser needs to be kept up to date. If it only works on specific operating systems or by installing dedicated programs, be sure to check the compatible versions and their upcoming obsolescence.
- Have external security audits been carried out? They provide an independent analysis of the security vulnerabilities present, with a classification of their severity.
More and more professional insurers are now asking for these elements, because
they are aware of most vulnerabilities. The premium, which should be included
in the overall cost and in your comparisons, will be set according to the
answers provided.
Sylob ERP pays great attention to these issues, drawing on more than 7 years of
experience in Cloud deployment. This solution represents the best protection we
can recommend to date, consistent with the well-informed requirements of cyber
insurers.