Is Cloud ERP Security a Problem?

servers, security, ERP

Historically, one of the largest barriers to cloud ERP adoption has been the perception of ERP security risks. Companies, especially those with longstanding on-premise software and infrastructure, were distrustful of outsourcing because it entailed a loss of control over their data and potential security issues.

Over the years, however, as the use of cloud software became more prevalent, this attitude has waned. Cloud vendors were fully aware of the security concern and thus made headways into ensuring their products were safe and reliable. After all, this could be used as a strong selling point to win over customers.

Nowadays, there are some reasons to expect cloud ERP solutions to be better in terms of security than on-premise solutions. Every software needs to be examined on a case-by-case basis, but certain factors may be at play.

For example, consider specialization. A company whose business model depends on their product being secure is more likely to do well in the security aspect than a company whose main goal (e.g. manufacturing or telecommunications or healthcare, etc.) is unrelated to it..

Plex Systems puts it best:

“[C]loud ERP customers quickly overcome this irrational fear by asking honest questions: are we a manufacturing business or an IT shop? Do we think our IT infrastructure is as safe as solutions whose entire business model is based on providing secure service? And can we really afford to keep an in-house staff focused entirely on managing the latest security measures?”

After all, what onsite solutions offer directly is not security, but control. More control doesn’t necessarily equate with better security, so some of the unease about cloud ERP is unwarranted.

On top of that, as of 2017, on-premise solutions still had more security incidents than cloud solutions. A study from Alert Logic showed that in-house systems had 51% more incidents than those on the cloud, writes Ian Barker.

This may change over time, as Alert Logic itself admits. It states, “Adoption of cloud computing continues to grow, and cybercriminals are shifting their focus accordingly.” Of course, hackers will go wherever opportunities exist, so this is to be expected.

A final factor distinguishing cloud ERP security from that of on-premise solutions is how often each is updated. On-premise software is typically more difficult to update, while cloud ERP vendors can roll out updates without much issue. This means that vulnerabilities will tend not to be patched as often on on-premise systems.

Every provider, of course, needs to be evaluated independently. Some onsite solutions will have better security than that of cloud solutions, and some will be the reverse. Customers need to do their due diligence in asking questions to find out which is which.

If you’re interested in implementing cloud ERP software for your business or have any questions, you can contact us at