Technology and business worlds are awash with talk of the latest security vulnerability posing a threat to enterprises of every size, Log4j. Learn more about the exploit and how it impacts Epicor users.

What is Log4j?

Log4j is a logging utility library for Java, and it has a zero-day exploit that allows for remote code execution. Meaning, This bug affects applications using Java and allows for malicious actors to execute external code within the application resulting in a potential takeover of the software.

How does it affect Epicor Users?

Epicor Kinetic (formerly Epicor ERP) from version 10.X onward is built using a C#/.Net framework, PHP, and MS SQL database. It does not leverage Log4j among its dependencies. However, earlier iterations of Epicor software, such as Vantage 8, did employ Java appServers and may include Log4J dependencies.

Log4j may impact third-party solutions that leverage Java, such as ECM (DocStar). Those running on-premise deployments of Epicor Kinetic ERP need to upgrade to the latest version to be fully protected. All the more reason to remain current on the latest version of Kinetic and ensure your business minimizes such vulnerabilities.

Software security vulnerabilities are emerging more frequently among globally used technologies. It’s important to bear in mind that private groups tasked with countering security risks for businesses have a more difficult time managing such widespread system vulnerabilities when compared to vendor administered SaaS models. In the case of the latter, vendors can push out patches and updates to a multitude of users concurrently. The control of configuration that on-premise deployment provides, while useful in customizing a system to the business’ specific needs, presents a precarious set of conditions in today’s modern technological landscape. On-premise users will do well to invest in InfoSec moving forward to ensure their systems remain as protected as possible.

If that investment is not one a business is willing to take on, upgrading to the cloud may be in that business’ best interest.

What is Epicor doing to address the Log4j Vulnerability?

Epicor is actively responding to the reported remote code execution vulnerability in the Apache Log4j 2 Java library. All Epicor cloud products that use Log4j have been remediated, and there is no additional action required of customers. If you operate Epicor products on-premises, please log in to EpicCare to access knowledge base articles that provide remediation instructions for each affected product. Epicor will continually publish information on Log4j to help customers address any vulnerabilities.

 “Fortunately, we use PHP and not Java, so this zero day exploit will not affect us or our customers. That said, Java is a very popular language and if your company uses Java or Java frameworks (eg. Java Spring), you should check in to make sure the Log4j library is updated, if in use, to protect against malicious hackers that will exploit this.” – Rich Murr, Chief Information Officer, Epicor Software Corporation

If Encompass can assist in any way with protecting your Epicor on premise installation, please don’t hesitate to reach out.

About Encompass Solutions

Encompass Solutions is a business and software consulting firm that specializes in ERP systems, EDI, and Managed Services support for Manufacturers. Serving small and medium-sized businesses since 2001, Encompass modernizes operations and automates processes for hundreds of customers across the globe. Whether undertaking full-scale implementation, integration, and renovation of existing systems, Encompass provides a specialized approach to every client’s needs. By identifying customer requirements and addressing them with the right solutions, we ensure our clients are equipped to match the pace of Industry.

Modern endpoint protection is designed to provide security against the latest threats no matter where the endpoint sits. The Epicor Security Suite Capture Client, SonicWall®, protects your business endpoints from modern threats.

Capture Client’s integration with the Epicor Kinetic Capture Security Center creates a single pane of glass across network and endpoint security operations for centralized control of attack visualization, rollback and remediation, device control and application vulnerability intelligence.

Why Choose Epicor Security Suite Capture Client?

The SonicWall Capture Client offers best of breed, next-generation antivirus protection with built-in autonomous endpoint detection and response. Not only does Capture Client excel in offering effective threat protection, the synergy with the SonicWall platform allows for increased visibility and protection both on and off network. Help ensure your security is boundless with Capture Client’s protection and centralized management.

The ever-growing threat of ransomware and other malware-based attacks has proven that client protection solutions cannot be measured based solely on endpoint compliance. Traditional antivirus technology uses a long-embattled signature-based approach, which has failed to match the pace of emerging malware and evasion techniques.

Additionally, with the proliferation of telecommuting, mobility, and device portability, there is a dire need to deliver consistent protection and web policy enforcement for endpoints anywhere.
SonicWall Capture Client is a unified endpoint offering with multiple protection capabilities. With a next-generation malware protection engine powered by SentinelOne®, Capture Client applies advanced threat protection techniques, such as machine learning, multi-engine sandbox integration, and system rollback.

The SonicWall cloud-based management console and global dashboard give MSSPs a snapshot into the health of their tenants within a global view. Administrators can see the health of each tenant which is measured by the number of infections, vulnerabilities present, the version of Capture Client installed, and what and who is being blocked the most by Content Filtering. The dashboard can distinguish which devices are online and operating as well.

An image of the Epicor Security Suite Capture Client Diagram

The management console also functions as an investigative platform to help identify the root cause of detected malware threats and provides actionable intelligence about how to prevent them from recurring.

Capture Client supports the Windows, Windows Server, macOS, and Linux operating systems.

Epicor Security Suite Capture Client Features

The Epicor Security Suite Capture Client is your next generation endpoint protection to defend your business from modern cyber threats. Functionality of this solution includes:

  • Independent cloud-based management
  • Synergizes with SonicWall firewalls
  • Security policy enforcement
  • Continuous behavioral monitoring
  • Highly accurate determinations achieved through machine learning
  • Multiple layered heuristic-based techniques
  • Application vulnerability intelligence

Contact Encompass Solutions to learn more about Capture Client and other Epicor Security Suite offerings.

About Encompass Solutions

Encompass Solutions is a business and software consulting firm that specializes in ERP systems, EDI, and Managed Services support for Manufacturers. Serving small and medium-sized businesses since 2001, Encompass modernizes operations and automates processes for hundreds of customers across the globe. Whether undertaking full-scale implementation, integration, and renovation of existing systems, Encompass provides a specialized approach to every client’s needs. By identifying customer requirements and addressing them with the right solutions, we ensure our clients are equipped to match the pace of Industry.

Everyone is talking about the cloud, especially manufacturers who are evaluating a cloud ERP solution for their business. However, if you don’t quite follow what they’re saying, it comes down to this—using the cloud is using data and systems through the Internet.

How You Already Interact With Cloud Technology

While The Cloud may seem like an abstract idea, you likely already interact with and use cloud technologies every day.

  • Do you update a Facebook profile?
  • Do you check your bank balance from your phone?
  • Do you stream movies or music?
  • What about playing games online?

If you answered yes to any of these questions, you are using cloud technology.

Cloud technology has truly permeated into our everyday lives. Now ask yourself, is it as simple for businesses to leverage cloud technology? The answer is yes.

Businesses leveraging cloud technology improve operations in a number of ways. Examples include improving your cash flow, increasing business capabilities, and simplifying processes for their workforce. All these benefits are realized through the use of an access-from-anywhere platform that is more reliable than traditional ERP deployments that place hardware on-premises.

How Cloud Makes Innovating Easier

By enabling cloud technology at every level of an organization, businesses remove the anxiety associated with security, backups, and verification of backups. Offsite storage becomes a thing of the past and maintenance of hardware and software can be done away with completely. Troubleshooting and upgrades can all be handled with a fraction of the effort.
Perhaps most importantly, connectivity is more reliable in the cloud. This means teams can remain connected and productive anywhere and anytime they need.

Manufacturers questioning whether now is the time to move to the cloud, the answer is a resounding yes. Cybersecurity, IT projects, maintenance activities and more can be removed from the equation with a cloud ERP solution. This leaves your businesses to take care of the business, make time for customers, employees, and partners.

Simplicity And Dependability of a Cloud ERP Solution

On-premise ERP deployments give businesses a sense of confidence that their data is safely stored just down the hall. While that peace of mind and control is reassuring in theory, in practical terms it can be quite a drain on your IT staff. Maintaining both hardware and software is a headache most IT departments would gladly do without. Cloud enables businesses to shed the tether of physical systems in favor of a more agile and simple solution. With a cloud ERP solution, your teams can focus on running your business more efficiently and taking better care of your customers’ experience.

Cloud ERP solutions operate under the safety of redundancy. Cloud technologies store data securely in multiple data centers locally, regionally, and even globally. This dependability is designed to help businesses maintain system uptime and access no matter what adverse conditions may befall a specific region. These data centers are managed by industry professionals whose sole focus is keeping systems up and running at optimal levels. This frees up resources and capital for your business to focus on growth and improving user experiences across departments. As a result, collaboration among internal teams gets better, the complexity of your information technology resources is reduced, and overall business performance improves.

“The rise of the collaborative workforce and workspace is underway. Increasingly, tech-savvy mobile users are ready for collaborative workspaces with deep integrations to the software they use daily. Collaboration is a key element that helps create the future of work.”

– Worldwide Team Collaborative Applications Forecast, 2019–2023: Collaboration Growth Impacts the Future of Work, IDC, Doc #US44662619, August 2019.

If your business is in t he progress of growing or you want to grow, adopting a cloud ERP solution could be an easy way to increase capacity and output without taking on additional software, hardware, or IT personnel. A cloud ERP solution can be scaled up or down with ease, as well.

Savings found in the Cloud

Cloud ERP Solutions are a cost savings component of business that reduces overhead.

What’s overhead? simply put, overhead is what doesn’t make you money. This includes things like accounting, insurance, and rent.

Antiquated approaches to IT can be a huge source of spending for businesses with maintenance, update tasks, and utility bills, not to mention the extra space servers take up. When working in the cloud, the costs of doing business are driven down. Here’s how.

Reduced Cost of Ownership

Cloud computing removes upfront hardware costs, and the pay-as-you-go subscription model eliminates large initial layouts for software. Easy setup and cashflow-friendly monthly payments make it even easier to see why cloud deployments are so popular—especially when you add the fact that Epicor cloud business software deployments typically cost 25–40% less* than on-premises deployments.

Competitive Advantage

Technology allows your employees to turn on a dime. The cloud provides access to data at a user’s fingertips, ensuring that no matter your company’s size you are able to compete with enterprise-class technology. The time and money cloud computing frees up for your business translates into a lean, nimble, and competitive advantage.

Employee Productivity and Loyalty

With cloud ERP solutions, you can run your business from anywhere there’s an internet connection. Give your employees the ability to produce wherever they happen to be. This enables better work-life balance that translates to greater loyalty and output. With improved employee loyalty and buy-in, talent turns over less often, this further improves your savings in retaining talent versus having to train new employees more often.

Minimize Downtime With a Cloud ERP Solution

Downtime can cost a company dearly. Cloud ERP solutions can ensure your apps are up and running when you need them most. Cloud-based SaaS applications are proven to minimize downtime, reduce the costs that go along with it, and keep your people productive. Epicor ERP has a service level agreement of 99.5% uptime, but performs well beyond that promise with a historical uptime of 99.98%.

Safety, Stability, And Access

Backups are an integral part of any IT department. However, when your backups are stored on-site, you are vulnerable to all manner of internal and external compromise. This can include natural disasters, fire, rogue employees, malicious actors, and the list goes on. any one of these mentioned exposures could cost you irreplaceable data.

The Cloud is the only truly safe place for your backups, because they are house where natural disasters, fires, and all those other potential pitfalls can’t touch them. True backup—the safekeeping of a redundant set of data—is best left to the cloud. It’s the safest, most affordable, and most efficient way to make sure that if you lose everything, all is not lost.

When it comes to stability, cloud systems are simply more stable, better monitored, and more secure than any on-premises system. Unless you have an impenetrable data center protected by intrusion detection, fire suppression, advanced power grids, backup generators, environmental monitoring, and six separate HVAC units inspected every day—all connected by multiple T3 pipelines from multiple vendors and all in a distant geographic location—you’re not as safe as you think.

Accessibility, as in who you want to have access to your systems and who you want to keep out, is a big deal in IT. Add to that lost devices and you’ve compounded the problem. In fact, lost laptops are a billion-dollar business problem. However, the greater problem is the loss and possible theft of the sensitive data stored on those laptops. When your data is stored in the cloud, you can access it no matter what, no matter where. Not only this, but you can lock out anyone when it comes to using that device and you can remotely wipe data from lost laptops at any time.

Now, are you ready to explore the benefits of a Cloud ERP solution for your business?