A Battle-Cry for Oracle EBS Security
Remember the Alamo! OK, I had to do that after returning from last week’s OATUG Collaborate Conference in San Antonio. Maybe the battle-cry for those who work with the Oracle E-Business Suite (EBS) should be “Remember Security!” Corny, yes, but what we heard while talking to attendees on the show floor and in our four sessions is that security for Oracle EBS is still challenging.
Security Matters for Oracle EBS
Keeping Oracle EBS and applications patched and making sure configurations are in a secure and compliant state is an important part of your jobs. Request from IT security and audit and compliance teams to remediate critical issues and provide reports to prove compliance add to your workload. Our theme for Collaborate “Security Matters for Oracle EBS” resonated well with everyone we talked with.
Some Highlights and Things We Learned:
- Onapsis and ERP Risk Advisors have established a partnership. Leading into Collaborate, ERP Risk Advisors announced ERP Armor with Onapsis as part of their security and compliance solution. Onapsis and ERP Risk Advisors will work closely together to help joint customers address critical security and compliance issues. At Collaborate, Mike Miller, product architect at Onapsis, and Jeff Hare, founder and CEO of ERP Risk Advisors, joined forces to present a very well attended session, Hackproofing and Protecting Oracle E-Business Suite.
Mike and Jeff will be giving an encore performance of this session on a live webcast scheduled for Wednesday, April 24th at 12:00 PM ET. REGISTER TODAY TO ATTEND THE WEBCAST.
- There is not a great sense of urgency to move Oracle EBS and applications to the cloud. For customers who are heavily invested in on-premises Oracle EBS, they got good news at OpenWorld that Oracle would continue to invest in EBS and provide premium support until 2030. In our conversations at Collaborate, we learned that manufacturing companies using Oracle EBS and its manufacturing modules are not moving to cloud any time soon. These implementations are highly customized and complex, integral to the business, and Oracle has yet to build out SaaS offerings for manufacturing. This further emphasizes risk and the need for security.
- Internal threats including fraud are a growing concern. Our friends at ERP Risk Advisors pointed us to an Association of Certified Fraud Examiners’ (ACFE) report that estimates a typical organization loses 5 percent of its annual revenues to fraud. In conversations at Collaborate, we heard fraud is a real concern. Much of an organization’s financials flow through its ERP systems. If access rights and configuration settings aren’t locked and continually monitored, internal fraud is a legitimate problem that can be costly to the organization.
- The importance of patching and why you must keep up with Critical Patch Updates. Our session on implementing Critical Patch Updates (CPUs) attracted a great crowd. Now, attendees are returning this week to the second Oracle CPU release of the year. Check out analysis of the latest Oracle CPU in our research team’s blog post.
Four Conference Sessions Presented
For those of you who attended the sessions and those who could not make it to Collaborate, you can download the sessions slides below.
Oracle E-Business Suite: Key Audit and Compliance Advantages to Running in the Cloud
Mike Miller, Product Architect, Onapsis
DOWNLOAD THE SLIDES
Steps to stay Secure with Security Configuration Console in Oracle E-Business Suite
Mike Miller, Product Architect, Onapsis and Cristian Peque, Oracle Security Specialist, Onapsis
DOWNLOAD THE SLIDES
Hackproofing and Protecting Oracle E-Business Suite
Mike Miller, Product Architect, Onapsis and Jeffrey Hare, CPA, CIA, CISA and Founder and CEO of ERP Risk Advisors
DOWNLOAD THE SLIDES
How to Implement Oracle Critical Patch Updates for EBS
Mike Miller, Product Architect, Onapsis and Cristian Peque, Oracle Security Specialist, Onapsis
DOWNLOAD THE SLIDES
Thanks to everyone who attended our sessions and visited us at our booth. It was a pleasure talking to you about how we can help you protect your Oracle EBS environments and applications from constant internal and external threats. If you’d like to see a demo or learn more about the Onapsis Security Platform, let’s schedule a time today.