ERP sans frontières

Access for all

  • alert
  • submit to reddit

Protecting users from Firesheep and other Sidejacking attacks with SSL

Workshop There was a time when the terms ‘ERP’ and ‘back office systems’ were almost synonymous, reflecting that the original incarnations of ERP offerings were very much concerned with processes running within the physical walls of the organisation.

Over the years, though, functionality has expanded and integration capability evolved to the point where ERP can quite naturally surface at the boundaries of the organisation and present a direct presence to the outside world. Whether this is in the form of electronic touch points with trading partner systems, or even direct access by external users through some kind of extranet or portal, there can be no doubt that the ‘back office’ label is no longer appropriate, at least in terms of capability.

But how much are ERP systems really deployed in an externally-facing manner, and for which types of function? There are a couple of obvious areas that are relevant here.

The first is supply chain management, particularly for larger organisations in certain sectors with particularly complex networks of suppliers and/or strong trading relationships with certain key suppliers.

From a planning and management perspective, elements of supply chain activity have always been within the scope of ERP. For a couple of decades basic transaction processing has also been relatively common using a batch-based Electronic Data Interchange (EDI) approach. However, the problem was that EDI integrations typically involved a lot of ‘hand crafting’ from an integration perspective, and significant nurturing thereafter to deal with evolving requirements, eg things changing on either end of the link. It was therefore difficult to cost-justify EDI beyond those strategic trading relationships - indeed many smaller companies saw EDI as a burden when forced into it by larger suppliers.

Now though, ERP systems are generally capable of integrating with other systems in a much more immediate transactional manner based on XML messaging, with schemas defined to deal with the typical range of supply chain interactions in a number of industries. Indeed, the emergence of more open interfaces and standards now means it is possible to freely exchange very rich types of information automatically up and down the supply chain, eg product specs and descriptions, compliance-related information, and so on.

We can but wonder, however, how much or how well such facilities are used when studies like the one published by the standards body GS1 UK last year (see here) revealed that around 80 per cent of the product data used across the retail supply chain was inaccurate, costing industry somewhere in the region of £140m a year to deal with. Perhaps it isn’t as easy as some IT suppliers would like to make out to electronically couple with suppliers.

The second major area in which external communication is relevant is the demand side of the business. One of the responses of many ERP suppliers to the original dot com boom was to bolt internet store fronts onto their packages. Over subsequent years, these have evolved to offer sophisticated capabilities to build very rich portals to potentially serve the needs of both consumers and B2B customers, depending on your business requirements. Of course where portals have been presented to the outside world, there are implications from a systems perspective.

External traffic, particularly where consumers are concerned, tends to be a lot more ‘peaky’ than that generated from internal activity, so more attention needs to be given to system sizing and performance to handle the fluctuating demand for throughput. There is then the question of security, not just from a physical perspective, but also with regard to identity and policy management. If you are going to create logins for key administrative staff, or even individual sales people, within your dealer network, for example, then managing access as people come and go can be quite a challenge.

Nevertheless, despite some of the issues, extending access to ERP systems in a controlled and well managed manner can potentially have significant benefits in terms of reduced costs and overhead, and increased visibility from an operations perspective.

When quoting for a new job, for example, it can be quite useful if your systems are able to determine inventory or manufacturing fulfilment times by reaching back through the supply chain electronically into supplier systems. Similarly, when forecasting demand as part of the production planning processes, wouldn’t it be nice to ping the systems of your key distributors and pull back relevant sales pipeline information.

Which brings up the whole question of trust and motivation. While larger players often stand to gain a great deal from demanding electronic visibility, access and transaction capability with their smaller trading partners, the little guys are not always that keen to cooperate as they immediate lose leverage and negotiating power. Conversely, a large company might think twice before granting too much access to a smaller trading partner that is highly dependent on a competitor who in turn has a lot of leverage over it.

So, while it is one thing for IT vendors to deliver the mechanics of external integration and trading capability within ERP systems, it is often far from straightforward implementing those capabilities in the real world from both a systems and/or business perspective.

Or are we worrying too much? Perhaps your experience is different, and you have been able to hook up your ERP to the outside world relatively easily. Either way, tell us your thoughts and experiences in the comment area below. ®

Website security in corporate America

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
prev story


Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.