Select Page
Manufacturing Cybersecurity by the Numbers

Manufacturing Cybersecurity by the Numbers

Old Cyber Risks, New Cybersecurity Rules

Longtime NHL coach and living legend Scotty Bowman once famously claimed that “statistics are for losers.” For a game filled with numbers, that was a pretty bold statement. Around the same time, business author Peter Drucker, a legend in his own right, argued the opposite point, saying “if you can’t measure it, you can’t improve it.” There is certainly something to be said for “the bottom line” — the final score of a game is ultimately the most important number.

But a compelling case can be made that a winning game, a winning team, or a winning organization is comprised of many discrete elements, and that by seeking to measure and improve these key elements, the overall system will benefit accordingly. Our contemporary Moneyball sports world rendered Bowman’s statement a quant anachronism. Similarly, in the business world, managers and executives increasingly look for metrics that help them understand their areas of responsibility.

Manager, Technical, Industrial, Engineer, Working, Control, Robotics, Monitoring, Manufacturing Cybersecurity Technology

“Running the numbers” is not a substitute for successful management, but can be a valuable tool in its execution.

On that note, the National Institute of Standards and Technology (NIST) published a list of “20 Cybersecurity Statistics Manufacturers Can’t Ignore” which details some of the critical numbers that separate winning companies and organizations lost to the nefarious designs of malware, hackers, ransomware and the varying forms of cybercrime. From this list, a few highlights immediately come to the fore. By listening to the information embedded in the data, organizations can act quickly to mitigate the biggest threats that they didn’t know they had. A good manufacturing cybersecurity strategy can address old problems, predict new ones, and keep all operations cyber safe.

Ransomware Remains a Primary Threat to Manufacturers

The impact of ransomware on businesses has been monumental. According to NIST, 1 in 5 small or medium-sized businesses (SMBs) report that they have fallen victim to a ransomware attack. This makes ransomware the number one threat to organizations. Ransomware is unique among attacks in that it does not seek merely to damage the resources within a network. Rather, a ransomware attack encrypts company files, making them inaccessible to the organization and its users. Access to the decrypted files is only provided once payment to the assailant has been made. 

The effects of ransomware are immediate. When a company gets ransomed, all operations affected by the encrypted files come to a grinding halt. This has a cascading effect across the organization as it struggles to stay open during the crisis. This often results in delayed production, late shipments, confused inventory levels, and frustrated customers. To cope with the outage, the company normally resorts to a handful of painful workarounds that are difficult to unravel and clean up once the ransom has been paid.

Ransomers Attack & Manufacturing Cybersecurity Teams Rally

In DoD environments where data cyber security is key, the impact to a company’s reputation can be detrimental. As such, it is no surprise that a ransom situation can cause an organization to go out of business entirely. Worse still, the costs are increasing. According to NIST, over the course of a single quarter in 2019, the average ransomware payment went up by 13% to $41,198. The impact on an SMB’s cash flow should be self-evident. Hackers know no limit when it comes to ransomware targets, attacking companies of all sizes. For that reason, there is no reason to believe that your organization can hide under the hacker’s radar. Therefore,  manufacturers across the nation are increasing their investments in enterprise risk management and security solutions.

Microsoft Office is a Primary Vehicle for Malware

Microsoft Office has been a mainstay of organizations large and small. But the security risks of Microsoft files in an unmanaged environment are considerable. According to NIST, 38% of malicious file extensions come from Microsoft Office formats such as Word, PowerPoint and Excel, making this the most common set of file extensions. Microsoft’s Office suite has long been entrenched in the daily life of SMBs and manufacturers. Shop schedulers frequently define and redefine priorities using spreadsheets, SOPs utilize document formats for process control, and presentations to a company’s staff routinely take the form of a PowerPoint presentation.  

While these file formats are common, they are far from invulnerable, and the robust capabilities that Microsoft created within each format provides opportunities to embed hostile code that can detonate once the files are saved within the network parameters of an organization. And file sharing across the manufacturing community is widespread. It is common, for instance, for vendors and presenters at manufacturing conferences and trade shows to hand out flash drives containing promotional materials. Manufacturing cybersecurity policies need to include these activities because should these files be infected, the consequences of introducing them to an unprotected company network could be catastrophic. As such, companies need to take care in managing the devices that connect to network, and the safety of the files they contain.

Social Media Accounts Become a New Target

Social media is widespread, and manufacturers are increasing playing along in order to get more visibility for their products and more interactions with their customer base. But with the proliferation of online social interactions comes increasing risk. In fact, 63% of MSPs anticipate that hackers will increasingly target social media accounts, according to NIST. Similar to Microsoft Office, social media toolsets have increasingly found their way into organizations. Initially thought of as a distraction, these toolsets have become embedded in many organizations, allowing for more collaborative communication between suppliers, customers, individuals, and groups.

Like the Microsoft Office suite, social media platforms have been enhanced and expanded, with new capabilities added on a routine basis. But a single compromised account can compromise an entire network when accessed from within the network’s parameters. Worse still, given the continually evolving nature of social media platforms, the threats are similarly evolving. Business owners need to understand what role social media will play in their organizations, and how these platforms can be leveraged without excessive risk. Manufacturing cybersecurity measures should take into account all accounts, including those on Twitter, Facebook, and similar online social meeting grounds.

Ghost Security Breach

When it comes to cybersecurity for manufacturers and SMBs,

the numbers don’t lie.

The correlation between successful IT threat mitigation and business success is well documented. Understand the numbers and take the necessary actions to put the odds in your favor. Manufacturers can avoid a cyber security breach by taking it one step further by partnering with industry experts: managed services firms with cyber specialists lead the way in cyberattack mitigation.

Ready to assess the current state of your cybersecurity practices? Get a free whitepaper on best practices for manufacturers and strengthen your security strategy today.

How Manufacturers Can Prevent a Cyber Security Breach

How Manufacturers Can Prevent a Cyber Security Breach

Cyber security solutions are technological processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. Over the years, they have become a necessity in order for industrial firms to succeed. Manufacturing supply chains are often interdependent and integrated. Security within the entire supply chain will lessen any vulnerabilities that could impact the company as a whole. Manufacturers must prepare for a cyber security breach by way of proactive measures.

Cyber Security for Manufacturing Global Supply Chain Map

Has a hacker already gained access to your sensitive data?

All companies have private data that ranges from non-secure to highly secure information. This applies if you have one user, a million users, a million customers, or a supply chain with 500 million endpoints. This applies if your data is exclusive to networks outside of the United States or if you are global in reach.

Regardless of the size of the company, all companies include the following data within their protected systems, and this is the type of data that needs the highest level of endpoint security:

  • Social Security Numbers / Information
  • Bank Account Information
  • Personal Emails
  • Payroll Files
  • Account Information
  • Contact Information
  • Financial Records
  • Product Designs
  • Tax Records

Is your supply chain or customer data on the dark web?

If you have suffered a data breach in the past, the data included personal information, such as phone numbers or other personally identifiable information (PII). Leakage of such information could be fatal towards the growth of a company and its workers. Such sensitive information needs to be secured with proper cybersecurity measures. For companies that do not ensure these measures, the chances of survival within the digital world are slim. The only practical solution is developing ways to combat or prevent cyber risks.

Understanding Manufacturing Cyber Security 

In order to stay safe in a world where digitization is key to success, manufacturing companies have to stay prepared. The best way to prepare, understand and manage cybersecurity risks is by considering all areas that could be breached by an attack. By looking at such risks in a business, and from a legal standpoint, owners may aim to formulate regulatory procedures in order to avoid the damage that a cybersecurity attack can impose on their company. In order for a manufacturing company to not only exist but thrive, they must first UNDERSTAND:

Understanding the risk: First, one must understand that hackers aim to steal, exploit and disrupt the company’s work. This may not necessarily be a personal attack and therefore it must not be treated as one.

Narrowing down risks: Manufacturing companies utilize technology for a multitude of sectors within the company. Therefore, narrowing down where the weakest aspects of cybersecurity are would help avoid data loss or operational risk significantly. If an attack is successful, it is also helpful to know where the root of the problem may have begun in order to stop it.

Data access control: Data is one of the most important factors in cybersecurity. The reliance on a single password, as security for data information, leaves manufacturing companies unshielded from hackers. Implementing a series of security measures by ranking importance of data can establish a hierarchy that prioritizes confidential data. Making sure only limited personnel has access to the data will lower the risk as well.

Enterprising the risks: Since cybersecurity risk is such a prevalent aspect in technology, manufacturing companies must include a prevention plan in their enterprise. This includes spending the necessary funds to prevent any harm towards the company’s technology.

Readying for the worst: Another tactic is assuming that every cybersecurity breach will be crippling towards the company. This prepares staff through proactive methodology and technology.

Setting key roles in an incident plan: Defining roles in advance with a detailed plan will enable everyone to know exactly what is required of them in case of an attack. This will help in a time when it is necessary to move quickly. Everyone will remain organized and on task.

Training all employees: Manufacturing companies need to train all employees to know how to avoid human error, which is one of the highest risk factors within cyber attacks. Through training, proper communication can be established between IT (Information Technology) and OT (Operational Technology) workers. The creation of a community culture will enable proper guidance and action on security shortfalls.

Administering the company’s policies wisely: Cyber attacks in manufacturing companies range from light breaches to severe damages that shut down operations. Therefore, ensuring that effective policies are in place is essential. The entire company needs to understand the severity of even a small breach. Policies should be updated as new threats emerge. Staff should be informed of any backup strategies in place and also of planned disaster recovery steps.

Never forget the basics: Manufacturing companies should have a basic response plan in order to outline expected and anticipated actions. Routinely changing user passwords and checking all systems for vulnerabilities should be common occurrences.

Decoys for intelligence gathering: Deploying white collar hackers is another method that could prevent vulnerability to cyber attacks. Companies should place themselves in the mind of the attacker in order to gain more knowledge on how one may think. Therefore the company can counter the attack before a breach is successful. Using decoys allows manufacturers to actively identify and analyze trends in their system that need to be addressed.

The latest technology, including managed application hosting in the cloud, provides new openings for risk and reveals a general lack of effective security in companies of all sizes, across all industries. The manufacturing industry is particularly vulnerable due to complex applications and third-party software integrations. Manufacturers also have challenging compliance regulations that require intensive documentation and reporting. Small business IT solutions help manufacturers looking for partners who will help them grow without the burden of cyber risk.

Cyber security incidents put manufacturing companies at risk of shutdown

Zero-trust cybersecurity policies have become the most essential risk management strategy. The only way manufacturing companies can stay safe is by making sure they are secure on all ends. The first step is understanding the risks, then making the effort to make sure a security breach does not occur. This process utilizes security audits and penetration testing to gain full vision of all system vulnerabilities. In the chance that a data breach does occur, cyber protection and cyber insurance are critical for survival.

Prevent a Cyber Security Breach with Best Practices

 

 

3 Ways to Spring your Epicor Installation Ahead

3 Ways to Spring your Epicor Installation Ahead

Spring Cleaning & New Growth for Epicor ERP

While individuals differ in their opinion of daylight savings time, the metaphor of “springing ahead” feels perfect for the enterprise resource planning (ERP) season. Spring is, after all, the time of growth and expansion. So how do companies make the most of this season? Successful Epicor customers often find ways to move their implementation forward, following through on the ERP resolutions made in winter. 

Whether you’re heading toward a great spring-loaded leap forward or merely some spring cleaning, there are many things that you can do to help your Epicor application spring ahead in terms of functionality, capability and overall return on investment (ROI).

Epicor Installation Manufacturing Tool Sparks

Spring your Epicor Installation Ahead with a Master File Cleanup

Daily problems in business operations often have their source in the master file records. Master file records are the kind of data that gradually deteriorates over time, if not cared for with vigor. Cleaning up the customer, supplier, and part master tables allows companies to quickly resolve multiple ongoing issues. I’ve seen many companies perform annual intensive data cleanup efforts to rectify such ongoing issues, and this often results in a system that is more predictable and more scalable over time. With each master file, countless questions can be asked to verify the accuracy of this foundational data.

These might include some of the following:

  • Customer Master: Are customer contacts up to date? How about the terms? Are credit limits in need of a review?
  • Supplier Master: Is banking information correct? Are purchase points defined correctly? Are terms up to date?
  • Part Master: Is supply-side information correctly configured to handle demand? Are part costs in line? What about customer and supplier-based part pricing?

Spring your ERP Ahead with a User Security Review

Cleaning up security within the ERP application is a simple step that can improve the maintenance and maintainability of the application. One significant question would be to ask whether your company utilizes individual user security or group security. The use of group-based security tends to keep the management of security much cleaner than the individual method, as users inherit permissions from the security groups, which ensures consistent and predicable access, without the scramble of managing individual permissions on every user account. Has your individual user security gotten out of hand? It’s never too late to rationalize security groups and roll back some of the disarray. This is one simple way of keeping your Epicor installation from becoming risky business.

Within this general structure, attention should be take to a few key functions, as to ensure that they are adequately managed:

  • Part Maintenance: Who has the ability to create and maintain parts? In many organizations, too many individuals have this ability, and it can create a significant amount of disruption if they are not doing so in a consistent manner.
  • Quantity Adjustments: The ability to adjust inventory quantities on the fly is a powerful but dangerous capability. Often, quantity adjustments are made to cover other issues, such as incorrect quality practices or inaccurate material issuing tendencies. Limiting quantity adjustments to a few reliable individuals is key to preventing inventory problems from spinning out of control.
  • Job Entry: Who should be able to modify a job? There are several settings (backflush, make direct, purchase direct, etc.) that can radically affect the application. Tightening the screws on job entry is often a means of ensuring successful supply for the jobs in question.

Spring Ahead with Focused Education

In an ERP context, education should be distinguished from training. Training generally refers to basic instruction geared for general end users, to allow them to perform processes accurately and consistently. Education differs from simple training in that it focuses much more on the underlying mechanics of the ERP system than on performing specific pre-defined tasks. When a larger critical mass of super users understands the underlying mechanisms of the system, you are better able to make decisions and further refine your system, improving efficiency and handling new challenges as they arise. Also, as new employees enter the organization, providing them with a solid understanding of the system can prevent needless backtracking. This is especially true for an Epicor installation.

So, what areas of the application could use some additional deep dives? Here are a few:

  • Transaction types: What’s the different between MFG-STK and MFG-WIP? It’s an important distinction.
  • Non-Stock: Understanding the effects of the non-stock flag on Sales Order Entry, the Engineering Workbench, and Job Entry is fundamental to successfully managing parts through the system.
  • Phantom BOMs — phantoms may help simplify your job BOMs, consolidate engineering levels, and simplify transactions.
  • Labor Entry Method: How does backflushing differ from Quantity Only? These are subtle but important differences, and the ramifications are widespread.
  • Backflushing Materials: Backflushing is another opportunity to make the system more efficient, but it relies on a solid understanding of the related hierarchy.

A Clean Epicor Installation Enables Growth

Spring, after all, is the season of growth, so push to move your Epicor ERP application forward this season, and sew the seeds for a bountiful harvest in 2021. Ready for optimal growth? Get the Epicor consulting services or Prophet 21 services you need to get ahead of the season. Take a tour of Epicor in a future-proof environment with a free ECHO cloud hosting demo. ECHO supports all ERP systems, including cloud-ready P21cloud-ready SYSPRO.

 

3 Things to Consider When Upgrading From Epicor 905 to E10

3 Things to Consider When Upgrading From Epicor 905 to E10

People, Infrastructure, and Scope in an Epicor 905 Migration

A customer on the front end of an upgrade from Epicor 905 to E10 asked me for advice on ERP upgrade planning. I’ve long reflected on some of the keys to a successful Epicor 905 upgrade to E10—the lessons learned by decades of experience, and collected across countless end-of-project reviews. In light of wins and losses of the past, I’ve put together some thoughts on successfully upgrading an ERP system.

Working with consultants often helps in transitioning from a legacy ERP and gaining traction with the new version. This is especially the case if your business intends to leverage the upgrade as an opportunity to perform process changes, implement additional modules, or take advantage of new functionality. All of these things involve risk, largely due to the complexity of data amassed in the process. But if you consider your people, your infrastructure, and your scope, then an upgrade will be the best decision you can make for your future.

Cloud Consulting

Your People & Your Partners

Upgrading your ERP system is all about the people.

  • The people your upgrade will support
  • The people who will help make your application meet your goals

The Philosophy Behind Your People

Methodology: You want to work with folks who have a process for taking your company through the steps, so ’tis not a hodgepodge of random activity.

 

Expertise: I’d recommend you work with a consultancy rather than an independent “jack of all trades” — generalists are good for what they do, but I find the overall solution is superior when delivered by a coordinated team of folks. Look for specialization: Operations, Finance, Tools, Installation, etc.

 

Knowledge: This is where you want some good generalist know-how accessible to you when needed. For example, if you’re upgrading Epicor from 905 to E10, you’ll want someone around who has knowledge about 905 and expertise about upgrading to E10. This is especially helpful for tools considerations and code conversion, but not really important otherwise. The data from 905 to 10 is generally the same, and the functionality is also quite similar. If you have ABL code that you need to convert, you’ll want to partner with a team that has these skills.

 

Experience: This is key. In an Epicor upgrade, for example, you need folks who are strong in E10 and can recommend how the system will best run in 10, so that your transition is smooth and effective.

The Technical Nature of an ERP Upgrade

These considerations apply to any ERP, but I’m going to walk you through this with my Epicor consulting experience coloring the waters. In general, the move from Epicor 905 to 10 is technical in nature, with the change of the database and business logic layers from Progress to .net & SQL Server. Here’s a quick summary of some of the major changes and their implications:

 

Core Modules: These are very similar from 905 to 10 with some new sub-modules and lots of new bells and whistles. You’ll find many opportunities for changes in configuration, and some of these can create unexpected behaviors, so test carefully.

 

Updatable BAQs & Dashboards: These generally come over uneventfully, with a few tweaks. If they contain ABL code, some rewrites are required.

 

Embedded Customizations: These also generally come over uneventfully, with a few tweaks.

 

BPMs: Anything with Progress 4GL ABL code will need to be rewritten.

 

Configurators: Similar to BPMs, anything with Progress 4GL ABL code will need to be rewritten.

 

SSRS / Crystal Reports: 905 primarily uses Crystal Reports. In 10, these have all been converted to SSRS. If you have a lot of custom Crystal Reports, you’ll want to consider whether to rebuild these in 10 or deploy Crystal in the E10 environment.

At all levels, you have to assess the ERP system and the technology that supports it. When you’re upgrading a legacy ERP, should you also upgrade your servers? Will your system require new data management solutions like cloud-based disaster and recovery services? Are you facing new cybersecurity and compliance decisions?

 

Technical Considerations

Upgrading an ERP system demands skillful handling of data. This includes both the mind and soul of the ERP: the strength and spirit of the application. With on-premise, hosted, and SaaS solutions now available as ERP infrastructure options, your upgrade should include technology assessments both in and out of the software.

Upgrade vs. Reimplementation

Think about whether you want your ERP upgrade to be a straight, utility-driven upgrade from the legacy to the current version or a reimplementation. We’ve worked with customers who have gone either way.  We’ve found that reimplementation efforts tend to take longer and cost more, but leave you with a much cleaner data foundation.

A Data-Driven Epicor 905 Upgrade

If you’re trying to pull off some configuration/business process changes as part of the upgrade, this is easier to do as part of a reimplementation. If running Epicor and you’re looking to do the straight, utility-driven upgrade, I would recommend partnering with Epicor specifically to do the database conversion/upgrade. They have proprietary tool (“Cirrus”) that performs this upgrade, and it’s really the best way to do this. In the past, with early versions of 10, the upgrade toolset was part of the Admin Console, and partners like us performed the upgrade. Prior to the upgrade, we also had to request data scrubbing programs to run in 905 prior to the actual upgrade. These helped prepare the data for the 905 > 10 conversion.

Over the course of the last few years, Epicor developed the Cirrus toolset that performs the database uplift. This incorporates all that scrubbing and referential integrity stuff to successfully migrate the DB. These capabilities are not built into the admin console upgrade capabilities, so my understanding is that a better-quality uplift is achieved by working though Cirrus. As a customer, I would be working through Epicor to get the DB upgrading it, and not relying on the admin console. In reviewing the feedback from the Epicor user community, I think that the general consensus would be to leverage Cirrus when possible.

The Project Scope: Budgets & Ongoing Planning

Begin with your history. How to handle your historical data is unique to your project, and you might want to bring in a consultant to help you make decisions around the complexities. There are a number of additional budgetary/planning considerations that should be made at the onset of an upgrade project. Here are several that we normally work though with our customers:

  • Project Management: Do you have an on-site PM who will handle more of the PM duties, or do you want the partner to assume those?
  • Server Install/Configuration/Tuning: Who do you have for technical staff to assist with server-side activities, or do you want the partner to assume those?
  • ABL Code Conversion: Who do you have for development staff that can assist with code conversion, or do you want the partner to assume those?
  • Cirrus Upgrade: Are we working through Epicor to do the Cirrus upgrade? If doing a Cirrus upgrade, you should plan for that cost.
  • Delta Education: Do you want to self-educate or have your partner provide ERP training and support?
  • On-site Consultation: Do you want to have consultants on-site to assist, or do you want to have the partner working remotely and on-site on an as-needed basis?
  • Milestone Prep: Do you have resources that can perform the prep activities, or do you want the partner to assist?
  • Milestone Verification Events: Do you want to conduct CRP and UAT events on your own?
  • Gap Closure: Do you want assistance with gap closure, or do you want to spearhead this?
  • Customization/Tools: Do you have an internal resource to perform any new tools work (customizations, BPMs, reports, etc) that would be part up the upgrade project?
  • Data Conversion/DMT Assistance: Do you have a data-savvy resource who can own DMT & data questions and query the data out of the existing system, manipulate it to load into Epicor, and run the DMT tool to load?
  • On-site Support at Cutover: Do you want on-site support at cutover?
  • First Month-End: Do you need on-site finance support for the first month-end after cutting over, or do you have strong Epicor-savvy internal financial resources?

Upgrading an ERP system can be challenging. It’s a highly rewarding endeavor, and the outcome justifies the move. Good luck on your journey, and reach out to our experts with any questions you have along the way! 

 

Please fill out this form to get an ebook with tips on how to upgrade your cyber resilience strategy. You’ll also receive occasional insights from our team about ERP technology, including cloud services like ERP hosting.

Epicor Part & MOM Settings: Learning By Example

Epicor Part & MOM Settings: Learning By Example

Epicor Cover: Lessons From the Trenches

Sometimes the best way to understand the inner workings of an ERP system is to review examples of its activities and to trace them back to the underlying setup that generated the activities themselves. In the Epicor ERP context, I’ve encountered challenges in helping users understand the impact of some core part settings. Like many ERP systems, Epicor’s part master file is fundamental in governing how these parts flow through the ERP application. There are a handful of “big little checkboxes” that radically change the system’s behavior, and understanding these system settings is a core building block to successfully configuring your Epicor ERP system.

To that end, I’ve put together a few examples that help demonstrate Epicor part and Epicor MOM setup, and their ramifications on Epicor job structure. In fact, Epicor job MOMs are highly dependent on the upstream settings, and without this understanding, the structure of an Epicor job MOM can be confusing. Such principles as Epicor job materials, make-direct materials, and job subassemblies are all traced back to a few small settings. Let’s look at some examples and see how they play out.

The Difference is in the Settings

  • Fundamental decisions create a stable core
  • Successful configurations come from experience
  • Subtle variations significantly alter outcomes
Enterprise Resource Planning Project Team Meeting

In my examples, I utilize Epicor’s training database.

I begin with a few existing parts, and make small modifications to demonstrate the different scenarios.

Let’s begin with part DSS-1000.

This part came directly from the Epicor training database. The key material, part DSS-1010, was also pre-defined. Part DSS-1000 occupied material sequence 10 of parent part DSS-1000. This serves as the baseline for subsequent scenarios.

From here, I copied parts DSS-1000 and DSS-1010 multiple times and made subtle variations.

The following component materials are used in the subsequent scenarios:

  • DSS-1010: Directly from the training database. Stocked MFG Part (i.e: not Non-Stock).
  • DSS-1010NS: MFG, Non-Stock: Used for Make-Direct and Subassembly examples.
  • DSS-1010NSPB: MFG, Non-Stock Phantom BOM Part. 

The following higher-level assemblies are used in the subsequent scenarios:

  • DSS-1000: Mtl Seq 10 (DSS-1010) is a stocked material.
  • DSS-1000MDM: Mtl Seq 10 (DSS-1010NS) is a Make-Direct material.
  • DSS-1000SUB: Mtl Seq 10 (DSS-1010NS) is a Job Subassembly.
  • DSS-1000PBOM: Mtl Seq 10 (DSS-1010NSPB) is a Phantom Assembly.

Interaction between Part Master, the Engineering Workbench, and the Epicor Job

It is fundamental to understand that the part master settings affect the default settings in the Epicor Engineering Workbench and that both the Engineering Workbench and the part master affect the final job MOM. The default behavior can be described as follows:

  • Non-Stock > Pull as Assembly > Job Subassembly
  • Not Non-Stock > Not Pull as Assembly > Job Material (Issued from Stock)

Default Behavior: Stocked Part from Part Master to Job MOM

Let’s explore Epicor’s default behavior in handling a Stocked Material. In this example, the following parameters exist:

  • Part DSS-1010 is a stocked part.
  • Part DSS-1010 is a not flagged Pull as assembly material on Part DSS-1000, material sequence 10.

The outcome: Material sequence 10, part DSS-1010, shows up on the job as a material that is issued from stock (not Make-Direct).

Epicor Material Sequence

Default Behavior: Non-Stocked Part from Part Master to Job MOM

Let’s explore Epicor’s default behavior in handling a Non-Stocked material. In this example, the following parameters exist:

  • Part DSS-1010NS is a Non-Stocked part.
  • By default, Part DSS-1010NS is flagged Pull as Assembly on Part DSS-1000, material sequence 10.

The outcome: Part DSS-1010NS shows up on the Job as a Subassembly. Material Sequence 10 no longer exists on the Epicor job bill of materials.

Epicor Job Bill of Materials

Override: Processing Non-Stock Part as a Make-Direct Job Material

By default, a Non-Stock Material would be processed as a Subassembly (Pull as Assembly). But this behavior can be overridden, in the Epicor Engineering Workbench, resulting in different downstream behaviors. Unchecking the Pull as Assembly flag for a Non-Stock material will cause the material on the job to be supplied in a Make-Direct manner: Non-Stock > Not Pull as Assembly > Make-Direct Material

Let’s explore Epicor’s behavior in handling a Non-Stocked material. In this example, the following parameters exist:

  • Part DSS-1010NS is a Non-Stocked part.
  • Part DSS-1010NS is not flagged Pull as assembly material on Part DSS-1000MDM, material sequence 10. We have overridden the default and unchecked the flagged Pull as assembly flag.

Outcome: Part DSS-1010NS shows up on the Job as a Make-Direct Material on the Job.

Epicor Parameters

 

As you can see, the decisions you make when handling Epicor’s part settings can significantly impact the Epicor jobs created to manufacture them. Hopefully these examples have assisted in your understanding of the factors that affect Epicor’s job bill of materials.

Join us at a virtual event to learn more

about ERP application deployment, management, and success.

Watch a video from one of our ERP events

for more tips from Epicor consulting experts.