What should Users of the Odoo ERP do in ensuring that the system is secure?
While you are taking the time to upload that upbeat song you heard on the radio, a cyber-attack just occurred. Fun fact: there is a hacker attack every 39 seconds! I believe this is a quite good reason to ensure that your Odoo ERP system is secure, guessing that the information kept is highly sensitive.
Check if your company is already taking the following measures.
Two points of view must be considered:
Secure practices for ERP-Administrators
Secure practices for end-users
Following guidelines apply for ERP-Administrators:
Ensure user’s access in the system is limited
Users should be given restricted access to specific Odoo modules, limited to their role in the company. The system’s usability should be restricted to the areas needed to fulfill their daily tasks and not more.
When a hacker is using brute force to enter your system, how to enhance security better than using non-standard port numbers? You are going to make his life 65535 times more difficult by avoiding the default port number. For additional information check out Perimeter Security.
Train your system some Sherlock Holmes moves so that it searches for evidence once you log in. MFA is a security measure that verifies the user’s identity by requiring additional credentials, such as a code from the user’s smartphone, the answer to a security question. Fingerprint and facial recognition are not in the picture, but it may be a great feature to implement into Odoo in the future. Odoo’s app store has a couple of MFA modules to offer. We are happy to make further recommendations if your company is interested in using MFA.
