Two things protect your company’s ERP the most: good habits and two-factor authentication (2FA).
Think of them as a strong front door plus a second lock only you can open.
This article explains, in simple terms:
How to keep your connection to the ERP secure
Why 2FA should always be turned on
What can go wrong if accounts are not protected properly
Your ERP (like SIX ERP) is the place where a company keeps:
Customer information
Invoices and payments
Salary and HR data
Orders, products, and stock
If someone breaks in, they can:
Steal money
Steal customer data
Mess up orders and invoices
Damage the company’s reputation
So your ERP is not just “another service” – it’s more like the central brain of the company.
A weak password is like a door key made of paper.
Bad passwords are things like:
123456
password
Your name + birth year
Good passwords:
Are long (at least 12–14 characters)
Mix letters, numbers, and symbols
Are not reused on other websites
Example of a stronger password (don’t use this exact one): Sun!Tree92_purpleRoad
Never reuse your ERP password on social media, games, or other websites.
If another site is hacked, attackers will try the same password on your ERP.
Even if your password is strong, your computer or phone can be attacked.
Good habits:
Install system and browser updates regularly
Use antivirus where required
Don’t install random software from unknown websites
Lock your screen when you walk away from your desk
If malware (a virus) is installed, it can steal your passwords or even type for you.
Public Wi-Fi (cafés, airports, etc.) can be risky:
Someone on the same network might try to spy on your connection
Fake Wi-Fi networks may pretend to be “Free Wi-Fi” but actually collect data
Safer choices:
Use trusted networks (home or office Wi-Fi)
Use a VPN if your company provides one
Never leave your ERP open on a shared computer
A lot of attacks start with a fake email:
It might look like it’s from your company or your ERP
It asks you to “log in quickly” or “reset your password now”
The link takes you to a fake login page that saves your password
How to spot problems:
Check the address (URL) before you log in
Don’t click on strange links from people you don’t know
If something feels urgent or scary (“your account will be deleted!”), be extra cautious
If you’re not sure, ask your system administrator or IT for help.
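What "check the address" means in practice, as an added example that is not part of the original article or of SIX ERP: the host name must match the real ERP exactly, not merely contain it. The host erp.example.com and all sample links are constructed placeholders.

```python
from urllib.parse import urlsplit

# Hypothetical ERP host name; replace with the address your administrator gave you.
ALLOWED_HOSTS = {"erp.example.com"}

def check_login_url(url: str) -> tuple[bool, str]:
    """Return (is_genuine, reason) for a link that claims to be the ERP login."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname
        parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False, "malformed URL"
    if parts.scheme != "https":
        return False, "not HTTPS"
    if parts.username or parts.password:
        # In "https://erp.example.com@other.test/" the real host is other.test.
        return False, "text before @ hides the real host"
    if not host:
        return False, "no host name"
    host = host.rstrip(".")
    if not host.isascii() or "xn--" in host:
        return False, "lookalike characters in host name"
    if host not in ALLOWED_HOSTS:
        # Catches erp.example.com.other.test and erp-example.com alike.
        return False, "host is not the ERP"
    return True, "ok"
```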
Two-Factor Authentication (2FA) means:
To log in, you need:
Even if someone steals your password, they still don’t have your phone or inbox.
It’s like:
A door with a key and a special code that changes every minute.
You use the same password for:
A random game website
Your email
Your ERP
That game website is hacked, and attackers download all passwords.
They try your email and ERP with the same password.
If 2FA is OFF:
They log into your ERP
They can see data, change things, maybe create fake invoices
If 2FA is ON:
After entering the password, they are asked for a 6-digit code
They don’t have your phone/email, so they’re stuck
The login fails; your account is safe
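The scenario above as a runnable sketch (an added example, not SIX ERP's code): a login check where the reused password is correct but the 6-digit code is missing or wrong. It uses the standard TOTP algorithm (RFC 6238) with that RFC's public test key; the account, the password and the 30-second step are assumptions.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30  # seconds per code; RFC 6238 default, assumed here (not SIX ERP's documented value)

def totp(secret_b32: str, at: float, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for the time step containing `at`."""
    key = base64.b32decode(secret_b32, casefold=True)
    counter = struct.pack(">Q", int(at) // STEP)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed account: the password is the one reused on the breached site.
LEAKED_PASSWORD = "Summer2019!"
USER = {
    "salt": b"constructed-salt",
    "pw_hash": hash_password(LEAKED_PASSWORD, b"constructed-salt"),
    # RFC 6238 test key ("12345678901234567890"), never a real secret.
    "totp_secret": "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ",
}

def login(user, password, code, now, enforce_2fa=True) -> bool:
    """Return True only if every required factor checks out."""
    supplied = hash_password(password, user["salt"])
    if not hmac.compare_digest(supplied, user["pw_hash"]):
        return False
    if not enforce_2fa:
        return True  # password alone is enough: the "2FA is OFF" case
    if not code:
        return False
    # Accept the current and the previous step to tolerate small clock drift.
    for drift in (0, 1):
        expected = totp(user["totp_secret"], max(now - drift * STEP, 0))
        if hmac.compare_digest(expected.encode(), code.encode()):
            return True
    return False
```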
You receive a fake email:
“Your ERP account has been blocked, click here to unlock it.”
You click the link and enter your username and password into a fake page.
The attacker now knows your password and tries to log into the real ERP.
Without 2FA:
They are in. They can do anything you can do.
With 2FA:
The system also asks for a one-time code
The attacker doesn’t have your second factor
They can’t complete the login
Even if you made a mistake with the fake site, 2FA reduces the damage.
Your laptop is stolen from your car.
Your browser has saved your username and password for the ERP.
If there is no 2FA:
The thief might open your browser and directly access the ERP.
If 2FA is enforced:
They still need the second factor (email/phone/app code).
Without that, they cannot log into your account.
If passwords are weak and 2FA is not used, attackers might:
Change your bank account details in the ERP to their own
Send fake invoices to customers so money goes to them
Download all customer data, which can then be sold or misused
Change product prices, discounts, or stock data
Delete or corrupt important information to hurt the company
This can cause:
Financial loss (money stolen or lost)
Legal trouble (data protection violations)
Reputation damage (customers lose trust)
Tons of extra work for IT and staff to recover and fix everything
All this can start from one weak password or one unprotected account.
Even if some users think 2FA is “annoying” or “takes too long,” from a security view:
People reuse passwords (even when they shouldn’t)
People click on bad links (phishing happens)
Phones and laptops get lost or stolen
Some passwords are always weaker than we believe
That’s why 2FA should be enforced by default:
It protects not just one user, but the whole company
One hacked account can affect everyone in the ERP
2FA is a small extra step that blocks a lot of real-world attacks
To keep your ERP access safe:
✅ Use a strong, unique password
✅ Never share your password with anyone
✅ Always use 2FA (email code, authenticator app, WhatsApp, etc.)
✅ Check links and emails carefully before logging in
✅ Keep your phone and computer updated and locked
✅ Tell your administrator immediately if:
You lose your phone or laptop
You think someone knows your password
Something strange happens during login
See also:
Two-Factor Authentication in SIX ERP
Security in SIX ERP
Setting up email two-factor authentication
Setting up TOTP two-factor authentication with an Authenticator App
Setting up two-factor authentication with WhatsApp
Troubleshooting two-factor authentication