Accenture Federal Services, a subsidiary of Accenture has been awarded a $729 million contract to help the U.S. Army Communications-Electronics Command transform multiple enterprise resource planning systems into a single, consolidated model to improve efficiency, enhance readiness, and reduce costs. AFS will support the Army Shared Services Center with organizational change management, agile development, and quality assurance, among other capability support functions.
Admins of on-premises Sage X3 ERP deployments should check they're not exposing the enterprise resource planning suite to the public internet in case they fall victim to an unauthenticated command execution vulnerability. The infosec outfit described in detail the flaws, calling them "Protocol-related issues involving remote administration of Sage X3.".
The Apache Software Foundation on Friday addressed a high severity vulnerability in Apache OFBiz that could have allowed an unauthenticated adversary to remotely seize control of the open-source enterprise resource planning system. Tracked as CVE-2021-26295, the flaw affects all versions of the software prior to 17.12.06 and employs an "Unsafe deserialization" as an attack vector to permit unauthorized remote attackers to execute arbitrary code on a server directly.
With this acquisition, SailPoint unites identity security with separation of duties access controls monitoring for an organization's most critical applications, like SAP. This integrated approach addresses the growing risk of over-permissioned, excessive or conflicting access to business-critical systems and the sensitive financial, business and operational data within. "ERP Maestro brings an experienced team with a rich heritage in ERP-focused audit and compliance, coupled with a SaaS access control solution that will help us to extend identity security to wrap in SoD monitoring and access controls for our customers' most critical systems, including SAP and others," said Grady Summers, SailPoint's EVP of Products.
My Office Apps announced the availability of Kechie 2021 Enterprise Resource Planning software, a cloud-based solution, enabling quick access to business-critical information in real time. With over thirty years of business solutions, Kechie is a proven leader in business transformation software with the use of one or more of its software packages - inventory and warehouse management, manufacturing, finance - or a fully configured ERP system to include all the available modules.
Rootstock Software and Nagarro announced the two companies are entering a partnership to penetrate the cloud ERP market in the United States, Nordics, DACH, and Middle East regions. "Viyom Jain, Global Business Unit Head, CRM & ERP at Nagarro, said,"With Industry 4.0, a cloud strategy with a 360-degree view of customers and business intelligence tools is crucial to the new enterprise.
The latest innovations help finance teams leverage touchless operations, predictive planning, and digital assistants to pivot towards growth. "Our newest innovations help finance teams rapidly adapt to the current economic climate, drive new business models, and improve strategic decision making; all designed to help our customers define their future."
ERP security: Dispelling common misconceptionsThe various applications integrated in ERP systems collect, store, manage, and interpret sensitive data from the many business activities, which allows organizations to improve their efficiency in the long run. Needless to say, the security of such a crucial system and all the data it stores should be paramount for every organization.
"Since ERP systems have a lot of moving parts, one of the biggest misconceptions is that the built-in security is enough. In reality, while you may not have given access to your company's HR data to a technologist on your team, they may still be able to access the underlying database that stores this data," Mike Rulf, CTO of Americas Region, Syntax, told Help Net Security. "Another misconception is that your ERP system's access security is robust enough that you can allow people to access their ERP from the internet."
Appsian, the leader in ERP data security, announced the SAP integration certification of their data security and compliance platform for SAP ERP Central Component and SAP S/4HANA. By integrating attribute-based access controls, fine-grained data security solutions and real-time user behavior analytics, Appsian enables SAP customers to fill many critical governance, risk, and compliance gaps that exist in ERP applications. "When it comes to ERP data access, context is everything," said Piyush Pandey, CEO at Appsian.