I covered the basics of on-site versus Cloud Enterprise Resource Planning (ERP) in my, and it may be a good idea to review it before you move on to the most common issues arising out of Cloud data storage.
Let’s start with a review of what I mean when I use the term ERP. For the purposes of this blog, ERP includes: marketing, sales and distribution, enterprise solution, production planning, quality management, assets accounting, materials management, sale control, human resources, and project management financials. I typically try to steer clear of long lists in my blogs because they tend to loose people. But this is important. The list is long because ERP supports almost every aspect of your business and you want this data to be as secure as possible. Not to mention, this is your business, you want to make sure that you own all the data, so that you are able to transfer it, integrate it, and archive it.
Here at Amadeus Consulting we currently use a hybrid system. We track much of our marketing and sales data through Salesforce, a Cloud based server. Our internal accounting is all hosted on-site, making it easier for us to customize the system to fit our needs. We are a medium sized business, approximately 80 employees, so we have the IT resources to maintain the infrastructure necessary for on-site hosting. We also have control over the security of our on-site accounting and can transfer our data to a new program easily, if needed.
As the Cloud becomes more prevalent, the issue of security becomes important. If you are hosting your ERP on-site, you have control over the security measures protecting your data. With a Cloud service, the server will most likely let you know what security measures are in place, but you have no say over how security is managed. Considering the type of information (financial, resource planning, internal company documents) that could be stored on the Cloud, you may want more control over security.
- data breaches
- data loss
- account or service traffic hijacking
- insecure APIs
- denial of service
- malicious insiders
- abuse of cloud services
- insufficient due diligence
- shared technology
Basically, the fear is hackers coming in and stealing/deleting data and possibly using accounts for themselves. This could mean that a business competitor may get access to inside information and potentially attacking another business through its own accounts. So is the answer to stay off the Cloud? Definitely not. Instead, just like with any newer technology, the key is to protect yourself as the technology matures and security measures improve. Right now, you should always keep encryption keys on your own premises and preform due diligence when deciding on a Cloud service provider.
Another concern to consider is data ownership. If you host your ERP on-site, there is no question that you own this data and can transfer it easily whenever you want. Data ownership on a Cloud server depends a lot on where the data was created. If it was created by you, then uploaded onto the Cloud, the data is likely protected under copyright laws. However, if it is not protected, then all data on the Cloud is treated the same. Again, you have to preform due diligence and find out if the Cloud server you are considering gains ownership of part or all of the data you put on their server. It would be wise to think twice before using a server that gets any ownership of your data because if you decide to change servers or want to transfer the data for any reason, you may be unable to do so.
Bottom line: security and data ownership are the main concerns to keep in mind, but if you perform your due diligence, and retain your own security measures, you should not fear using a Cloud server. Look at what makes the most sense for your business.