Security News

Accenture Federal Services gets $729M contract to help the U.S. Army CECOM transform its ERP system
2021-07-28 22:45

Accenture Federal Services, a subsidiary of Accenture has been awarded a $729 million contract to help the U.S. Army Communications-Electronics Command transform multiple enterprise resource planning systems into a single, consolidated model to improve efficiency, enhance readiness, and reduce costs. AFS will support the Army Shared Services Center with organizational change management, agile development, and quality assurance, among other capability support functions.

You've patched that critical Sage X3 ERP security hole, yeah? Not exposing the suite to the internet, either, yeah?
2021-07-07 23:56

Admins of on-premises Sage X3 ERP deployments should check they're not exposing the enterprise resource planning suite to the public internet in case they fall victim to an unauthenticated command execution vulnerability. The infosec outfit described in detail the flaws, calling them "Protocol-related issues involving remote administration of Sage X3.".

Critical RCE Vulnerability Found in Apache OFBiz ERP Software—Patch Now
2021-03-22 01:34

The Apache Software Foundation on Friday addressed a high severity vulnerability in Apache OFBiz that could have allowed an unauthenticated adversary to remotely seize control of the open-source enterprise resource planning system. Tracked as CVE-2021-26295, the flaw affects all versions of the software prior to 17.12.06 and employs an "Unsafe deserialization" as an attack vector to permit unauthorized remote attackers to execute arbitrary code on a server directly.

SailPoint acquires ERP Maestro, uniting identity security with SoD controls monitoring for critical apps
2021-03-17 00:00

With this acquisition, SailPoint unites identity security with separation of duties access controls monitoring for an organization's most critical applications, like SAP. This integrated approach addresses the growing risk of over-permissioned, excessive or conflicting access to business-critical systems and the sensitive financial, business and operational data within. "ERP Maestro brings an experienced team with a rich heritage in ERP-focused audit and compliance, coupled with a SaaS access control solution that will help us to extend identity security to wrap in SoD monitoring and access controls for our customers' most critical systems, including SAP and others," said Grady Summers, SailPoint's EVP of Products.

My Office Apps Kechie 2021 ERP: Enabling quick access to business-critical information in real time
2021-01-19 02:30

My Office Apps announced the availability of Kechie 2021 Enterprise Resource Planning software, a cloud-based solution, enabling quick access to business-critical information in real time. With over thirty years of business solutions, Kechie is a proven leader in business transformation software with the use of one or more of its software packages - inventory and warehouse management, manufacturing, finance - or a fully configured ERP system to include all the available modules.

Nagarro to resell Rootstock cloud ERP in the United States, Nordics, DACH and Middle East regions
2020-10-14 23:15

Rootstock Software and Nagarro announced the two companies are entering a partnership to penetrate the cloud ERP market in the United States, Nordics, DACH, and Middle East regions. "Viyom Jain, Global Business Unit Head, CRM & ERP at Nagarro, said,"With Industry 4.0, a cloud strategy with a 360-degree view of customers and business intelligence tools is crucial to the new enterprise.

Oracle updates its Fusion Cloud ERP and EPM to help finance teams leverage touchless operations
2020-09-30 00:15

The latest innovations help finance teams leverage touchless operations, predictive planning, and digital assistants to pivot towards growth. "Our newest innovations help finance teams rapidly adapt to the current economic climate, drive new business models, and improve strategic decision making; all designed to help our customers define their future."

Week in review: ERP security, early warning of ransomware, Active Directory disaster recovery
2020-08-30 07:16

ERP security: Dispelling common misconceptionsThe various applications integrated in ERP systems collect, store, manage, and interpret sensitive data from the many business activities, which allows organizations to improve their efficiency in the long run. Needless to say, the security of such a crucial system and all the data it stores should be paramount for every organization.

ERP security: Dispelling common misconceptions
2020-08-25 04:30

"Since ERP systems have a lot of moving parts, one of the biggest misconceptions is that the built-in security is enough. In reality, while you may not have given access to your company's HR data to a technologist on your team, they may still be able to access the underlying database that stores this data," Mike Rulf, CTO of Americas Region, Syntax, told Help Net Security. "Another misconception is that your ERP system's access security is robust enough that you can allow people to access their ERP from the internet."

Appsian enables SAP customers to fill critical GRC gaps that exist in ERP apps
2020-03-05 00:00

Appsian, the leader in ERP data security, announced the SAP integration certification of their data security and compliance platform for SAP ERP Central Component and SAP S/4HANA. By integrating attribute-based access controls, fine-grained data security solutions and real-time user behavior analytics, Appsian enables SAP customers to fill many critical governance, risk, and compliance gaps that exist in ERP applications. "When it comes to ERP data access, context is everything," said Piyush Pandey, CEO at Appsian.