In July this year, the USA’s Department of Homeland Security issued an alert. It was citing a study by security firms Digital Shadows and Onapsis. This highlighted the risks posed to thousands of unpatched business systems from software makers Oracle and SAP (and the brand damage broken ERP systems can incur).
The report highlights that:
- 17,000 SAP and Oracle software installations are exposed to the Internet at more than 3,000 companies, government agencies, and universities
- At least 10,000 servers are running incorrectly configured software that could subject them to direct attack using known SAP or Oracle exploits
- More than 4,000 known bugs in SAP and 5,000 in Oracle software pose security threats, especially in older systems that operators may consider uneconomical to fix
The Oracle and SAP security patches that should fix these issues are time-consuming to apply. They require time and effort from your entire team to fix, and they’re often non-customer facing issues. Many organisations ignore these vendor patches until they need to upgrade, but this can put you at a significant risk!
Break the weakest link in a company’s security, and you can damage the whole brand
On 9 October, Google launched the Google Pixel 3 and Google Pixel 3 XL smartphones. Both use AI to deliver perfect photos and provide an ‘intelligent’ digital assistant. This technology would enable Google to break into the smartphone duopoly of Apple and Samsung.
However, Google failed to properly invest in security for Google Plus, its failed social media experiment. This resulted in a very serious security breach and a PR disaster. At the time of the phone launch, the BBC’s headline was “Google Pixel 3 phones launch during privacy storm.”
Google will discontinue public access to Google Plus this year. But the damage caused to the brand after not properly protecting the personal data of 500,000 members of the social network, highlights the importance of protecting not just your mission critical systems, but all of your systems that are exposed to the Internet.
Your Oracle and SAP systems are especially at risk
This is one of the reasons why Support Revolution implements Gartner recommended Trend Micro Deep Security. This solution creates a firewall around your systems at the server level. Our solution is far more responsive and does not require any downtime to patch the fixes. If a major threat is detected, the fix can be applied in as little as 12 hours.
This means that Support Revolution acts as your safety net for those ‘uneconomical to fix’ security issues that may turn out to be far more expensive than you originally predicted.
Reach out to a member of our team if you want to learn more about how we keep our customers protected throughout the year.