by Teknita Team | Aug 11, 2022 | Uncategorized
Enterprise resource planning (ERP) refers to a type of software that organizations use to manage day-to-day business activities such as accounting, procurement, project management, risk management and compliance, and supply chain operations. A complete ERP suite also includes enterprise performance management, software that helps plan, budget, predict, and report on an organization’s financial results.
Choosing an enterprise resource planning (ERP) system is one of the most important decisions a business can make. An ERP system will be a part of the business for years, so it’s not a decision to take lightly. Following are 10 key criteria to keep in mind as your company evaluates its options.
- Business requirements: What do you need your ERP system to do? The question may seem basic, but its answer requires a great deal of forethought. That’s where a designated internal team of stakeholders from the different areas of the business can be extremely helpful. Each member must first gather feedback from their own teams about how they want to use a new system, including desired features.
- ERP features: Different companies and their departments will require ERP features that support their specific processes. But they’ll all likely have a common need for an intuitive interface and dashboard that enhances cross-department management and collaboration with easy-to-read key performance indicators (KPIs) and report creation. Other common requirements include advanced business intelligence, data-mining capabilities and data security. An ERP system should also be able to integrate data from existing systems and be customizable (more on both follows).
- Total cost of ownership and ROI: This depends on the chosen deployment model. When ERP is installed on-premises, the business is responsible for all upfront hardware and software costs, as well as costs associated with implementation, customization, upgrades as the business grows, and security. Additional costs include employee training and ongoing maintenance and support. Some costs are one-time charges, others are ongoing; and the number of users may also have an impact. Total cost of ownership (TCO) is typically steep, so realizing the ROI of ERP generally takes longer than for less business-critical systems. Cloud-based ERP, which is set up, hosted and managed by a cloud vendor, reduces, eliminates, or amortizes many of those costs, potentially lowering TCO and almost certainly speeding up ROI — a main reason why cloud deployment models are popular among growing companies. The ERP system is accessed through the internet, with security managed by the cloud vendor and the software delivered as a service. The vendor also handles software updates, upgrades and maintenance.
- System integration: Not only should an ERP integrate disparate business processes, but leading solutions will also integrate with any existing systems and applications a company wants to continue using. And if they do, the new vendor should have connectors available that do exactly what the name implies, preferably enabling real-time synchronization so data among systems is always up to date.
- Support and training: The ERP system will require support for initial implementation, ongoing daily operations and employee training. Determine whether the vendor provides all those types of implementation support, its particular skill in your business segment, what escalating levels of support are available to match your business’s needs and what response time is guaranteed. Managed support may be an option for a monthly fee.
- Implementation: ERP implementation can take anywhere from one month to more than a year depending on whether the system is deployed on-premises, in the cloud or in a hybrid combination. Generally speaking, a business will be up and running the fastest with a cloud-based ERP system since the vendor handles implementation rather than tying up internal resources. A new ERP is typically implemented in phases and will involve the migration of data, which requires data cleansing to ensure data quality. Rigorous testing is essential before going live.
- Vendor industry expertise: Along with evaluating the ERP software, it’s a good idea to evaluate ERP vendors for their expertise in your industry. The ideal vendor will have a successful history of prior ERP installations for companies in your industry and at roughly the same company size. It also pays to get and check references of satisfied (and perhaps unsatisfied) customers. Financial viability is also important to ensure future support.
- Technology: Advanced technologies continue to emerge and elevate many of the benefits an ERP system can provide. The cloud, artificial intelligence (AI) and, more specifically, machine learning can all improve business processes; provide deeper, more predictive analysis and insights; and enable a personalized experience, among other benefits. Some systems may also support Internet of Things (IoT) devices, such as sensors and cameras that feed information back to the ERP; blockchain, for conducting transactions and the transparent flow of data; and augmented reality.
- Vendor product road map: As a business grows, it’s likely to need more from the ERP system than what’s included in its initial requirements. As a result, it is important to find out how the vendor will improve, add to and support its product — new versions, features and functions — down the road, as well as how those features will be integrated into the existing software. Another item to consider is the frequency of updates and patches.
- Customization: The need to customize will depend on the complexities of your business processes — and even if you don’t need it at the time of ERP selection, it may become important as the business grows. It may also guide the type of cloud deployment selected: single tenant vs. multitenant. The former allows for more customization because the ERP is dedicated to just one company, rather than shared as in the latter model.
You can read more about Enterprise Resource Planning System here.
Teknita has the expert resources to support all your technology initiatives.
We are always happy to hear from you.
Click here to connect with our experts!
by Teknita Team | Aug 10, 2022 | Security
Ransomware is Malware that commonly uses encryption to hold a victim’s data for ransom. An organization’s data in encrypted so that they cannot access. Ransom is then demanded to unencrypt and make it available again. Ransomware is usually designed to spread across a network and target database and file servers.
An attacker can gains access to the environment through a targeted attack, via email spam or phishing or an existing vulnerability they discover. Once access is established, the malware encrypts data using a key pair generated by the attacker. Once specific goals are met the ransomware prompts the user for a ransom to be paid to decrypt the files. If the ransom is paid then the attacker would promise to deliver the private key to the organization so they can decrypt their data. Unfortunately even if the ransom is paid, some organizations never hear from their attacker again and they are not provided the key.
How it Happens?
Ransomware often starts through a phishing email that contains an infected or malicious attachment. Other attacks can start by someone downloading a file that was infected or unknowingly allowing an application to be installed by a website. Another possible entry point is through a vulnerability in a particular application or OS. In many cases these vulnerabilities are identified with patches provided by the software vendor. WannaCry was an example of a ransomware attack that took advantage of a vulnerability in the Windows OS. The vulnerability was identified with a patch provided before the attack, but infected computers had not applied the patch or were running a version of the Windows OS that was out of support.
How to Protect Yourself?
Patching
The best and easiest defense is to make sure that all laptops, servers and network devices are kept up to date with the latest patches and firmware. In many cases, vulnerabilities are identified by the vendor or other Whitehat hackers and reported to the vendor so they can correct the problem. This usually happens before the vulnerability can be exploited.
Patching has become straightforward with several ways to automate including:
- OS Settings – Automatic download and installation of patches can be configured within the OS though sometimes reboots are not automatic and require attention.
- Azure Update Management – Used to manage operating system updates for Windows and Linux VMs in Azure or Physical or virtual machines in on-premises environments.
- AWS Systems Manager Patch Manager – Similar to Azure Update Management, AWS Patch Manager allows for cloud and on-prem patch application and updates.
- WSUS/SCCM – Microsoft offerings provided to automate and report on patching of Windows machines.
- Third party patching tools – Some 3rd party patch automation tools exist that improve on or simplify the features within SCCM.
Network Segmentation
Many malware packages including Ransomware spread to new machines from infected machines on the same network. If an organizations network is completely open then 1 infected machine can be used to infect everything. Segmentation improves security by dividing a network into segments to control how traffic flows across the network. This segmentation limits traffic to where it needs to go and can limit the damage and spread of malware. A related best practice is to isolate access from third parties via dedicated access portals.
Security
Make sure to keep current on recommendations for updates to protocols and best practices. Organizations should also consider encrypting their data. This will ensure that even if there is a data breach, the attacker is not able to use the data as part of a ransom threat. That said, Ransomware can re-encrypt data so this is not a protection against a Ransomware encryption attack.
Another area to review is the organizations authentication practices. If an attack is started due to a password obtained through a 3rd party breach then it is very easy for an attacker to place malware anywhere that the breached account has access. With 2 factor (or multi-factor) authentication this becomes much less likely as the attacker would also need to be in possession of the account owners’ phone or have access to their secondary email account.
Training
Educate the user community on what Phishing looks like and proper etiquette for content from unknown sources. The best defense is to make sure that staff are not clicking on unsafe attachments, browsing to unknown website, or downloading unsafe content.
Backups
Every organization should have a backup process in place though most have focused on recovering from equipment failure. Many backup processes simply make sure that the data is backed up onto a device other than the one being protected. With ransomware this is not enough as many impacted organizations discover that their backups are also encrypted and useless for a recovery effort. For proper protection organizations must incorporate multiple copies of data, use different storage media and keep at least 1 copy offline or otherwise inaccessible by the source network. Cloud backup solutions can also achieve this using multi-factor authentication and network segmentation in addition to minimum retention range checks which ensure at least one recovery point in case of attack.
You can read more about Ransomware Attack here.
Teknita has the Cyber Security experts to support all your technology initiatives.
We are always happy to hear from you.
Click here to connect with our experts!
by Teknita Team | Aug 8, 2022 | Microsoft SharePoint
For years SharePoint has been known as a tool to improve communication and collaboration. Most people are familiar with sharing and versioning documents, checking out, editing, then checking back in. This has always given SharePoint a leg up over the old “shared drive” approach and is how SharePoint achieved a foothold in many organizations (that and the foundation edition is free with Windows).
Here are some uses for Microsoft SharePoint that you might not have thought about:
• Document and Records Management
Many people see that you can store and search for documents in a document library but there doesn’t seem to be much structure, taxonomy, or governance to these documents. This is certainly no longer the case. With the introduction of SharePoint 2013 Records Center, you can now apply retention policies to your content types and enforce your Document Management and Retention policies. Additionally, document libraries can hold many more documents than in previous versions of SharePoint.
• Application Development
SharePoint has always allowed for the development and integration of custom application using core SharePoint features utilizing .Net, ASP.Net, HTML, JavaScript and CSS. These capabilities continue to exist with the added dimension of developing SharePoint Add-ins that take advantage of standard web technologies and that can extend on-premise as well as hosted SharePoint environments. This concept is further expanded in SharePoint 2016 and Office 365 allowing for faster development and easier deployment to a wider audience.
• Data Modeling and Business Intelligence
Along with complete integration into the Microsoft SQL Data Warehouse stack, SharePoint offers Power View as an interface for Data Modeling. Power View is an interactive data exploration, visualization and presentation experience that allows for ad-hoc reporting. Data, rich graphics and visualization tools can be included in easy-to-build reports that can then be published for others to use, or as a baseline for additional modeling.
• Search
SharePoint Enterprise Search is a powerful tool for finding data both inside and outside of SharePoint. Internal content can be searched and refined through new and powerful web parts. Content outside of SharePoint can now be indexed and referenced within search results allowing for a true enterprise search feature.
• Mobile Optimization
SharePoint automatically generates a mobile friendly version of every page for phone and tablet users. The Mobile Browser View feature allows for expansion to tablet and smartphone devices with little effort required from developers or system administrators.
Some of these capabilities have been around for a while but just aren’t as well known by SharePoint users. Ask your IT department about these features or contact us and we can help you maximize your SharePoint experience.
by Teknita Team | Aug 3, 2022 | Security
Logs are critical when you are attempting to detect a breach, investigating ongoing security issues, or performing forensic investigations. These five must-know Cloud Logging security and compliance features can help customers create logs to best conduct security audits.
1. Cloud Logging is a part of Assured Workloads.
Google Cloud’s Assured Workloads helps customers meet compliance requirements with a software-defined community cloud. Cloud Logging and external log data is in scope for many regulations, which is why Cloud Logging is now part of Assured Workloads.
2. Cloud Logging is now FedRAMP High certified.
FedRAMP is a U.S. government program that promotes the adoption of secure cloud services by providing a standardized approach to security and risk assessment for federal agencies adopting cloud technologies. The Cloud Logging team has received certification for implementing the controls required for compliance with FedRAMP at the High Baseline level. This certification will allow customers to store sensitive data in cloud logs and use Cloud Logging to meet their own compliance control requirements.
Below are the controls that Cloud Logging has implemented as required by NIST for this certification:
- Event Logging (AU-2)
- Making Audits Easy (AU-3)
- Extended Log Retention (AU-4)
- Alerts for Log Failures (AU-5)
- Create Evidence (AU-16)
3. “Manage your own Keys,” also known as customer managed encryption keys (CMEK), can encrypt Cloud Logging log buckets.
For customers with specific encryption requirements, Cloud Logging now supports CMEK via Cloud KMS. CMEK can be applied to individual logging buckets and can be used with the log router. Cloud Logging can be configured to centralize all logs for the organization into a single bucket and router if desired, which makes applying CMEK to the organization’s log storage simple.
4. Setting a high bar for cloud provider transparency with Access Transparency.
Access Transparency logs can help to audit actions taken by Google personnel on content, and can be integrated with existing security information and event management (SIEM) tools to help automate your audits on the rare occasions that Google personnel may access your content. While Cloud Audit logs tell who in your organization accessed data in Google Cloud, Access Transparency logs tell if any Google personnel accessed your data.
5. Track who is accessing your Log data with Access Approval Logs.
Access Approvals can help you to restrict access to your content to Google personnel according to predefined characteristics. While this is not a logging-specific feature, it is one that many customers ask about. If a Google support person or engineer needs to access your content for support for debugging purposes (in the event a service request is created), you would use the access approval tool to approve or reject the request.
You can read more about Cloud Logging here.
Teknita has the expert resources to support all your technology initiatives.
We are always happy to hear from you.
Click here to connect with our experts!
by Teknita Team | Aug 1, 2022 | Uncategorized
Document management systems are basically electronic filing cabinets an organization can use as a foundation for organizing all digital and paper documents. Any hard copies of documents can simply be uploaded directly into the document management system with a scanner. Often, document management systems allow users to enter metadata and tags that can be used to organize all stored files.
Choosing the right document management system starts with accurately assessing your organization’s needs. The first choice you’ll make is whether you want an on-premises or cloud-based solution. Each type of system offers the same functionality, but there are several key differences in the way maintenance is performed and data is stored.
TYPES OF DOCUMENT MANAGEMENT SYSTEMS
When choosing a document management system, you will have the choice between on-premises and cloud-based software.
An on-premises document management solution requires you to use your own servers and storage, which means you need to perform your own maintenance. You’ll also be responsible for the security of all your data, so you’ll need to back everything up. This option typically makes sense for larger companies with dedicated IT resources because of its higher technical demands, but it also places you in direct control of the system. Technical support and software updates from the vendor are usually contingent on whether you continuously renew an annual subscription package.
Cloud-based document management software is hosted by your system’s provider and accessible to your organization online. Typically, cloud-based solutions have a monthly or annual fee, which includes all maintenance and software updates. Depending on the system you choose and the features you require, pricing for cloud-based platforms can range from a few dollars to more than $100 per user per month.
DOCUMENT MANAGEMENT SYSTEM FEATURES.
- Document storage: The most basic and critical function of a document management system is the ability to store your company’s documents safely and in an easily searchable manner.
- Keyword search: A sound document management system has a broad keyword search option so you can easily access any document based on specific keywords.
- Permissioned access to certain documents: By creating tiered permissions, you can provide certain employees access to specific documents and bar everyone else from viewing or editing them.
- Document access monitoring tools: These tools allow you to monitor who in your company is accessing what documents.
- Document edit history and restoration: A document management system should have edit history and restoration options so you can see who has edited a given document.
- Auto-delete on outdated documents: Document management systems come with regulation controls for automatic saves and deletion to free up storage space.
- Mobile device access: You should be able to access your company documentation through your mobile device.
BENEFITS OF USING A DOCUMENT MANAGEMENT SYSTEM
- Saved time: By using a document management system, you can devote the time you previously spent organizing and managing your documents to more critical parts of your business.
- Security: By backing up your documents in the encrypted cloud or a secure on-premises server, you can protect important and sensitive company information and protocols.
- Scaling: One of the major benefits of document management software is its ability to scale up and down to meet your company’s ever-changing needs.
- Easy document management: Keyword searches allow you to find your company’s important information quickly and easily.
- Collaboration: Document management software can improve workplace collaboration by allowing multiple people to work on the same file at once, tracking who makes what changes and retaining your access to older versions of documents.
You can read more about Document Management System here.
Teknita has the expert resources to support all your technology initiatives.
We are always happy to hear from you.
Click here to connect with our experts!