How to Secure Your SAP Business One System?
ERP Systems Security - Protect Your Assets!
Recently I have been hearing about more and more companies that have been hacked. Hackers are holding network environments hostage by encrypting servers, user computers, and data, and are demanding bitcoin payment to unlock a company's vital assets.
In most cases the hackers now also delete or encrypt system backups, so recovery becomes very challenging. Even if you are fortunate enough to identify a recent backup and recover fairly quickly, it will still involve quite a bit of effort and stress, and of course a loss of productivity during the recovery time.
I feel obligated to share this with our ecosystem so that you can take action to avoid these situations.
I encourage any company, whether it uses SAP Business One or not, to ensure its environment and most valuable data are protected and, if needed, to consider adding measures to secure the environment while at the same time preparing for disaster recovery.
Here are several simple actions you can take to significantly reduce the risk of such an attack:
Force users to change their network and application passwords periodically.
Use a VPN and/or multi-factor authentication (MFA) for secure access, such as Duo (https://duo.com/).
Use separate servers for your database, application, and terminal servers. Only allow the terminal server to be accessible from external sources/internet.
Allow external access through a secured and non-default port and close default ports. Allow access only to information that is needed, and do not connect directly to the database server.
If you must connect to the database, it is better to access it through a user created specifically for the application with only the minimum needed rights.
Ensure a daily backup is in place, and test periodically to ensure backup files are valid and restorable.
Copy backups to an external storage system that is disconnected from the main network. Periodically, verify that backups are accessible, valid, and restorable.
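The two backup items above can be checked automatically whenever the external storage is attached. The script below is an added example, not part of the original article or of SAP Business One; the `*.bak` file pattern, the 26-hour freshness window, and the `SBO_demo.bak` sample file are assumptions made for illustration.

```python
import hashlib
import tempfile
import time
from pathlib import Path

MAX_AGE_HOURS = 26  # assumed: daily backup plus a two-hour grace window

def sha256_of(path):
    """Hash a file in chunks so large backup files do not fill memory."""
    digest = hashlib.sha256()
    with Path(path).open("rb") as fh:
        for chunk in iter(lambda: fh.read(1024 * 1024), b""):
            digest.update(chunk)
    return digest.hexdigest()

def check_backups(primary_dir, offline_dir, pattern="*.bak", now=None):
    """Return a list of problems; an empty list means every check passed."""
    now = time.time() if now is None else now
    primary_dir, offline_dir = Path(primary_dir), Path(offline_dir)
    backups = sorted(primary_dir.glob(pattern), key=lambda p: p.stat().st_mtime)
    if not backups:
        return [f"no backup matching {pattern} in {primary_dir}"]
    latest = backups[-1]
    problems = []
    age_hours = (now - latest.stat().st_mtime) / 3600
    if age_hours > MAX_AGE_HOURS:
        problems.append(f"{latest.name} is {age_hours:.0f}h old; daily backup missed")
    if latest.stat().st_size == 0:
        problems.append(f"{latest.name} is empty")
    copy = offline_dir / latest.name
    if not copy.is_file():
        problems.append(f"{latest.name} has no copy on offline storage")
    elif sha256_of(copy) != sha256_of(latest):
        problems.append(f"offline copy of {latest.name} differs from the primary")
    return problems

def demo():
    """Constructed sample: a fresh backup whose offline copy was altered."""
    with tempfile.TemporaryDirectory() as tmp:
        primary, offline = Path(tmp, "primary"), Path(tmp, "offline")
        primary.mkdir()
        offline.mkdir()
        (primary / "SBO_demo.bak").write_bytes(b"constructed backup bytes")
        (offline / "SBO_demo.bak").write_bytes(b"altered bytes")
        return check_backups(primary, offline)

if __name__ == "__main__":
    for issue in demo():
        print("BACKUP CHECK FAILED:", issue)
```

A clean result only shows that the latest backup is recent and that the offline copy matches it; confirming that a backup is restorable still requires a periodic test restore.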
I encourage you to implement some, if not all, of the recommended actions. It can help save your business. Please feel free to comment and reach out to me at firstname.lastname@example.org with any questions!
For a more detailed list on how to keep your company safe, please see our Cyber Security Checklist below, or download a printable version for your team here: