Encrypting your ERP
Jul 30th, 2013 by Jesper Kråkhede
Is there any company of size that hasn´t got an ERP system today (Enterprise Resource Planning)? During my many years working in the field of security I have seen and participated in many analysis, checks, test, investigations and whatnots and in many cases we were instructed to not touch the ERP. It was way to mission critical for them. This is a HUGE indicator that security is not taken seriously. But it gets worse!
I suppose you have read about encrypting medical databases in Australia? With the move to ERP in many companies and with the integration of many systems into the ERP a simple restore of the database in often not even possible.
Adding those up and you suddenly have a volatile situation. You have a mission critical system that you are not allowed to secure. If this is not an invitation to a criminal to break in and encrypt your database for ransom it is at least a save-the-date for a later event.