Where is your ERP/CRM data safe?

The question of security plays an important role in the discussions about the decision between on-premise and cloud solutions. We notice that the solution on the company’s own premises is quite often considered the more secure option. The reason is simply the physical close proximity to the data and the feeling of control. Of course, the interesting question is whether this assumption is correct and what the reality really looks like.

Where is your ERP/CRM data most secure – in your own data centre or in the public cloud?

The subject of data security is currently at the focus of many discussions. And understandably so, as there are many third parties who want to access, control or even steal your data. In today’s highly competitive markets, companies are forced to handle their data with extreme caution for several factors.

So where is your valuable data most secure? Let’s have a look at this question with an on-premise situation in mind. The first point to consider is the level of professionalism required. Hackers are becoming more and more sophisticated at a rapid speed, so the way they handle data must also become more and more professional. Ideally, you should always be one step ahead of the hackers. So you need to consider the level of expertise of your IT staff, their experience and mentality, your budgets and the ability to fill vacancies.

The second point is the profundity of your knowledge. What is the current level of competence of your IT staff? When was the last time you gained a new perspective through recruitment? What are your budgets like in terms of training and motivation? Is it enough to keep up with the pace? And how has the trend in these budgets developed over the last few years?

The third point is the scope of your competencies and the level of your experience. To what extent are you able to manage all the applications, databases, operating systems and reporting tools that your company uses today? Are you satisfied with the answer to this question?

The fourth point is physical access to your servers. What exactly are the access controls to your server room? How many different people have access? Do you know what staff and external providers are doing in that room? And please don’t forget the after-hours cleaning staff.

And finally, audits. How often do you have a professional IT audit made by an external company that honestly tells you what the weak points of your security strategy are? And how closely do you follow their recommendations? According to a rough estimate, 40% of all companies using on-premise solutions do not perform a daily backup of their data. Does this news shock you? And are you sure that your company belongs to the other 60%?

Let’s face the facts:

  1. In today’s world, data security is critical;
  2. You need to run a business and focus on your customers, employees and goals; and
  3. Data security is not part of your core business.

In 2020, Microsoft was selected to bid on the Joint Enterprise Defense Infrastructure contract awarded by the Pentagon, the headquarters of the US Department of Defense. The Pentagon is most likely the organisation that values confidentiality the most of any company in the world. And the one with the most to lose! This contract could potentially address many companies’ mistrust of cloud security. Microsoft employs 3,500 engineers specialising in cyber security and invests a billion dollars a year in cyber security.

There is no doubt that the security of Microsoft data centres is far better than that of the server room and IT staff of the average SME. Does this also apply to your company?