Reliable Internet Connectivity
One of the most common concerns we hear when we first mention cloud based ERP software such as ERPNext is that of reliable internet connection.For those unfamiliar with ERPNext, ERPNext is an open source, cloud based, enterprise resource planning (ERP) software which works on any web enabled devices. Going back, reliable internet is still very much a cause of concern in South Africa for some business owners, especially for those based in the smaller cities that still lag behind when compared to bigger business hubs, namely Cape Town, Durban and Gauteng. This concern is easily addressed by a best of both worlds deployment of ERPNext where the server is hosted on the main business’s local area network (LAN) but still linked to the internet by means of a public IP address. This setup of ERPNext ensures that it remains business as usual at the head office with key transactions processing being unaffected by internet outages if and when they occur.
Most of us must have wondered whether ERPNext is a secure application. We even think twice before putting our personal data online today. An ERP software is used for storing sensitive financial data, and it's bound to evoke a feeling of insecurity when using a cloud based ERP.
The realm of computer security has many unknowns and as such, even the most secure systems get compromised. However, it would be foolish to keep known security holes open for attack. Below are some of the steps taken to ensure ERPNext's data's security
Unix-like operating systems
ERPNext runs on Unix-like operating systems. They are inherently considered more secure than Windows. When ERPNext is installed in production mode, it sets up a firewall, SELinux and a unprivileged user to run the python code.
Passwords not stored in plain text
All passwords are encrypted and cannot be read/recovered by anyone. How does this work? Wikipedia: Cryptographic Hash Functions
Data stored on ERPNext is firstly secured via SSL encryption which is the same technology used by banks and online retailers to secure internet transactions.
Binding a user to a specific IP address
Security can further be restricted by binding a user to a specific IP address. This option can be made flexible by assigning multiple IP addresses to a single user if a user connects to ERPNext from multiple locations.
Two Factor Authentication
Two factor authentication can also be optionally enabled which forces all system users to access the system through a 2nd level authentication with a token sent via email or SMS.
regularly inviting third party IT security firms
The Frappe Team who are behind ERPNext take security very seriously and take preemptive measures such as regularly inviting third party IT security firms such as Portcullis Security to discover and report vulnerabilities that they may find in the product. The availability of ERPNext's source code has allowed for peer review which has resulted in enhanced security capabilities
Automated backups to Drop box
To top it off, data backups are securely performed to the cloud with backups being seamlessly done to Drop box every six hours where it's always safe and secure. Dropbox offers additional layers of security, so you never have to worry. This safeguards business continuity should a disaster occur and the need to restore a backup arise.
Users can rest easy
With the best of both worlds setup of ERPNext where its installed on the LAN and with access to the internet, business users can rest easy knowing they have same convenience and reliability that traditional on premises systems provide whilst still having the nimbleness of the cloud to enable productivity anywhere.