Syntax Enterprise Resource Planning (ERP) Cloud Security
Securing your information assets; be they on premises or in the cloud, is essential to keeping your business running. We are constantly being bombarded by news of high-profile breaches (Equifax) and of state actors attempting to steal your information. A popular saying is ‘Knowing is half the battle’. Syntax is here to translate that knowledge into action for your cloud based ERP.
Syntax has engineered a secure ERP cloud using the best practices from many security frameworks and distilled them into a holistic cloud ERP security program. From protecting the network edge with state of the art firewalls and intrusion prevention capabilities, using AI enabled endpoints to scour your ERP instances for malware and offering encryption to make any data exfiltration useless. Syntax is constantly evolving it’s offering, working with clients to customize our security solutions to their requirements and acting as a trusted advisor to implement the most secure implementations possible.
Depending where you’re doing business, what business verticals you find yourself and the data you’re handling you could be subject to different regulatory concerns. If you handle credit card data you will be subject to PCI-DSS requirements or for health care, HIPAA requirements. Violations of these regulations can be costly, not only from a monetary position but your brand reputation can also be affected negatively from a data breach.
The financial consequences of a lack of security program can be fatal.
Ponemon Institute’s annual Cost of Data Breach Study for 2017 found that security incidents and breaches are expensive unto themselves. The average cost of a breach has gone up 62% in the last 5 years. Not to mention costs associated to downtime and remediation. Gartner estimated these at more than $300,000 an hour back in 2014. Considering that our interconnected world is dependant upon ‘always on’ applications, this cost can only increase.
CLICK IMAGE TO ENLARGE
Syntax’s Security Assessment Services
We identify your vulnerabilities and train you in preventative measures - helping you safeguard your critical systems and data.
Hackers are always looking for weakness in your systems:
More than 90% of successful cyber attacks worldwide begin with a phishing email
External Vulnerability Assessment
Scan through servers and detect vulnerabilities in order to prioritize fixes
Internal Vulnerability Assessment
Uses security software to scan through internal networks, identifying vulnerable areas and malware
Analyze vulnerabilities and provide clear steps to close potential security breaches
Security Awareness Training
Online classes and tests for your employees to measure your company’s security awareness levels
From IBM-Ponemon Institute 2017 Cost of Data Breach Study
From Verizon Data Breach Investigation Report (DBIR) 2017 Who’s Behind Breaches?
Seven tips to be more secure:
01. Be vigilant
Log files and unplanned changes can help indicate a breach.
Training employees to be cyber-aware goes a long way to stop breaches.
03. ‘Need-to-know’ basis
Keep data on a ‘need-to-know’ basis – Only people that need access to a resource should have access to it.
04. Patch, Patch, Patch
Many attacks can be mitigated by the latest revision of code.
05. Encrypt sensitive data
Make your data unusable if stolen.
06. Use two-factor authentication
This can limit logins by malicious actors.
07. Physical Security
Don’t leave sensitive documents lying about unfiled.
Enterprise IT security is more important today than ever before
Fortunately, JD Edwards and Oracle E-Business Suite users who are on the Syntax Enterprise Cloud® can answer “yes” to all of the questions above. Syntax’s Enterprise Cloud provides clients with state-of-the-art ERP optimized security that is SSAE 16 Type II, SOC 2 and PCI Certified . We further strengthen security and protect your mission critical systems by deploying a host of enterprise level and proprietary security, monitoring and encryption technologies.
Our ERP security standards are founded on three Pillars:
Confidentiality, Integrity and Availability.
Syntax’s secure architecture limits access to information so it is not made available or disclosed to unauthorized individuals, entities or processes.
Syntax provides measures to maintain the integrity of your hosted data. Data cannot be changed in transit or altered by unauthorized people.
Syntax rigorously maintains all hardware and engineers redundancy on all devices. From multiple internet links to redundant computer nodes and storage arrays.
Private enterprise cloud built on best-of-breed technology
Syntax has designed and deployed ERP, Database and Server-specific security policies and protocols to provide your mission-critical systems with end-to-end security and protection across the technology stack.
Private enterprise cloud built on best-of-breed technology
At the application level, we provide clients with the option of deploying specific Web Application Firewalls to protect web services and provides comprehensive application logging for compliance requirements.
Syntax keeps the data in your Oracle ERP production environment secure by using state of the art storage solutions.
Syntax obfuscates your data whenever you need to clone your production environment. This process provides developers, testers, programmers and other staff access to the specific database tables they need, but it does not allow them to view actual data such as salaries, social security numbers, credit card information or other sensitive information.
End-to-End Support, Security and Transparency for Oracle JDE Edwards
The storage solution can provide excellent hardware encryption and security, its protection does not extend beyond the operating system level. For clients who require additional security at the database level Syntax provides the option of deploying Transparent Data Encryption technology which restricts access to unencrypted data at the database level.
Server and Desktop Level Security and Monitoring
As part of our PCI compliance, Vulnerability scans and penetration tests we schedule and perform on a regular basis and then communicate those results to customers for compliance and remediation purposes. These technologies scan and detect vulnerabilities at the OS and/or Application Server level, and provide threat analysis alerts along with recommendations for action.
To maintain file integrity, Syntax deploys File Integrity Monitoring tools such as OSSEC or Tripwire which track file-level permission and access level changes, as well as logging and identifying who accessed, modified or even viewed a specific file while keeping a record of the dates and times which the event occurred.
On the Syntax ERP Cloud your hardware credentials and encryptions keys always remain secure using Oracle Wallet and Hardware Key Vault.