Scribd Logo
Upload

Welcome to Scribd!

  • Issues Pertaining To Securing ERP Applications On The Cloud: Pilot Project Semester III

    Uploaded by

    aeonsleo
    28 views22 pages

    Original Title

    Connaisance_FinalPresentation

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    28 views22 pages

    Issues Pertaining To Securing ERP Applications On The Cloud: Pilot Project Semester III

    Uploaded by

    aeonsleo

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 22

    Issues pertaining to securing ERP

    applications on the Cloud

    Pilot Project
    Semester III
    By
    Abhishek Srivastava 9030241301
    Akash Mohan 9030241303
    Kamlesh Bharati 9030241313
    Shalini Mulchandani 9030241321

    Symbiosis Centre for Information Technology,


    Pune
    12/08/2021 1
    Agenda
    • Research Objective
    • Scope of the Study
    • Introduction
    – Cloud Offerings of ERP
    – SAP ERP Offering on Cloud
    • Analysis
    – Security Issues on Cloud
    – Security Issues related to ERP on Cloud
    – Security Configuration in SAP
    – Other Vendors on Cloud
    • SWOT Analysis
    12/08/2021 Issues pertaining to securing ERP applications on the Cloud 2
    Research Objective

    To analyse the issues pertaining to securing ERP


    applications on the Cloud

    12/08/2021 Issues pertaining to securing ERP applications on the Cloud 3


    Introduction

    12/08/2021 Issues pertaining to securing ERP applications on the Cloud 4


    Cloud Offerings of ERP
    • ERP application as a SAAS
    • ERP application on Cloud Infrastructure
    • ERP application on Cloud Platform

    12/08/2021 Issues pertaining to securing ERP applications on the Cloud 5


    SAP ERP on the Cloud
    • Cloud as Infrastructure
    • Cloud as SaaS
    • Cloud as Consumption

    12/08/2021 Issues pertaining to securing ERP applications on the Cloud 6


    Analysis

    12/08/2021 Issues pertaining to securing ERP applications on the Cloud 7


    Security Issues on Cloud
    Issue #1:
    Data Damage done by Malicious Insiders
    Issue #2:
    Shared Technology Issues
    Issue #3:
    Data Loss
    Issue #4:
    Account Hijacking
    Issue #5:
    Compliance Risk
    12/08/2021 Issues pertaining to securing ERP applications on the Cloud 8
    Security Issues related to Cloud ERP

    IaaS Security Issues PaaS Security Issues SaaS Security Issues


    1) Immature Identity
    1) Account Hijacking Management
    1) Less Operational
    work than IaaS
    2) Credential Management 2) Weak Cloud Standards

    3) API Security Risks 2) Vendor Lock-In 3) Secrecy of Data

    4) Access everywhere
    4) Lack of role based
    increases convenience,
    Authorization
    3) Cloud provider’s long but also risk
    5) Dependence on Security term viability
    5) Customers don’t know
    of the Virtualization
    Platform where the data resides

    12/08/2021 Issues pertaining to securing ERP applications on the Cloud 9


    Security Configuration in SAP
    • User Authentication
    • Creating and Assigning Authorization Profiles
    • Auditing and Monitoring
    • Administration and Maintenance

    12/08/2021 Issues pertaining to securing ERP applications on the Cloud 10


    ERP Vendors on Cloud
    ERP Vendors on Cloud
    Ramco On-Demand ERP
    – Security Aspect
    Netsuite
    – Security Aspect
    TCS Bancs Application

    12/08/2021 Issues pertaining to securing ERP applications on the Cloud 12


    SWOT Analysis
    Strengths
    Reduced Cost
    Cloud technology is paid incrementally, saving organizations money.

    Increased Storage
    Organizations can store more data than on private computer systems.

    Highly Automated
    No longer do IT personnel need to worry about keeping software up to data.

    Flexibility
    Cloud computing offers much more flexibility than past computing methods.

    More Mobility
    Employees can access information wherever they are, rather than having to remain at their desks.

    Allows IT to Shift Focus


    No longer having to worry about constant server updates and other computing issues, government
    organizations will be free to concentrate on innovation.

    12/08/2021 Issues pertaining to securing ERP applications on the Cloud 14


    Weaknesses

    • Data Confidentiality and Auditability

    • Data Lock-In

    • Security Issues

    12/08/2021 Issues pertaining to securing ERP applications on the Cloud 15


    Opportunities

    • Scalability

    • Utility Pricing

    • Managed Operations

    • Reduced Costs

    12/08/2021 Issues pertaining to securing ERP applications on the Cloud 16


    Threats

    • Availability of Service

    • Market churn

    • Data Transfer Bottlenecks

    • Compliance

    12/08/2021 Issues pertaining to securing ERP applications on the Cloud 17


    Interview
    Expert
    Mr Manu Zacharia is an Information Security
    evangelist with more than sixteen years of
    professional experience.

    12/08/2021 Issues pertaining to securing ERP applications on the Cloud 19


    Sr No Question Answer
    1 How does cloud provider secure Numerous methods and algorithms available
    data at rest and transit? for encrypting data.
    Strong authentication methods used by the
    cloud vendors
    2 How are one customer's data and Appropriate authentication mechanisms are
    applications separated from other used so that the data that you have stored in
    customers (who may be hackers the cloud is accessible to you and not
    or competitors)? anybody else.
    Different instances running on the same
    physical machine are isolated from each
    other via the Xen hypervisor
    3 What needs to do to ensure a Not be possible to implement all the security
    company’s existing security policy policies that you have inside the cloud
    accommodates the cloud model? model.
    4 How do I ensure only authorized There are proper Access control levels
    employees, partners and provided by almost all cloud vendors.
    customers can access data and Authenticated using an HMAC-­-SHA1
    applications? signature of the request using the user’s
    private key in S3
    5 Will data be replicated to any Yes, it could be replicated to other data
    other data centres around the centres.
    world (If yes, then which ones)?

    12/08/2021 Issues pertaining to securing ERP applications on the Cloud 20


    SrNo Question Answer
    5 Will data be replicated to any other Yes, it could be replicated to other data
    data centres around the world (If centres.
    yes, then which ones)?
    6 Are the cloud providers using any Yes. Most of the cloud providers see to
    security standards or best practices that they are certified by the security
    (SAML, WS-Trust, ISO or audits and compliances laws.
    otherwise)?
    7 What is the future for cloud Cloud providers are working hard to
    security? provide the most secure data.
    8 Is the data flowing between the All cloud providers use secured shell or
    business and the vendor's cloud- secured HTTPS connection to carry
    computing infrastructure secured in transactions between the application and
    some way? the clients.
    9 How is an ERP Application secured ERP Applications per say has its own way
    on cloud? of providing role based access and identity
    management module that handle
    authorisation and authenticity.
    10 How is huge data of an ERP system Huge data is usually not transferred over
    transferred? the internet.

    12/08/2021 Issues pertaining to securing ERP applications on the Cloud 21


    Thank You

    12/08/2021 Issues pertaining to securing ERP applications on the Cloud 22

    You might also like