Brad Feakes, Author at EstesGroup

Understanding the New Client Architecture of Prophet 21

by Brad Feakes | May 19, 2021 | Cloud, ERP, ERP Implementation, Prophet 21, Software

Software development never stands still. I remember a time where I felt like I had finally come to understand DataSets, DataTables, DataRows and DataViews, only to have a much more experienced developer inform me that the System.Data namespace was old, antiquated, and no longer used in the development of cutting-edge applications. I had walked the prescribed trail, only to realize that it dead-ended in a software swamp.

The implications of such rapid movements in application development are significant, as software vendors often find themselves down similar dead ends and are forced to backtrack their way out of them. I liken software applications to my great-grandaddy’s venerable old axe: two new heads and seven new handles later, yet still seen by everyone in the family as the same axe.

Like the axe, Epicor’s Prophet 21 ERP application has been refitted over time. P21 helps distribution companies with a variety of features and capabilities. But like many such applications, the vendor found that over time, there was a need to reshape the application as to better position it for future use. Limitations to the existing architecture could not support the long-term needs of the industry. For that reason, Epicor has been reworking and fine-tuning its P21 architecture, moving towards a more scalable, interoperable and accessible application. Understanding where P21 has been and where it’s going can be of great use for customers, as to help them chart a course for the future.

The Old Prophet 21

Epicor’s E10 application followed an infrastructure that separated the user client, the application server, and the database itself. For someone coming from Epicor 10, P21’s original architecture might look a little strange. Traditionally, P21 employed a fat client architecture, in which a large amount of business logic was housed in the 32-bit client itself, and this client communicated with the database. A liability of this approach was the difficulty in deploying a full API that could be accessed externally. Also, this model created natural limits to the number of clients that could share a single terminal server, due to the size and scope of the fat client.

The New Epicor Model

As Epicor sought to develop a more robust and accessible platform, changes were made both to the client and the overall architecture. Epicor’s updated architecture inserted a new layer, referred to as the “Middleware Server,” that serves as an intermediary between the client and the database, and provides the foundation for API-level interactions.

Logic that had previously resided in the “fat client” desktop version was moved into the middleware layer. This architecture more closely resembles Epicor’s E10 application server-based architecture. Communication with the middleware server occurs using Secure Socket Layer (SSL) protocol. This allows you to connect without the need for direct access to the network or a VPN connection. A web connection and an SSL certificate are all you need.

Beyond the API benefits, another benefit of this approach comes from performance, as the middleware server supports as much as twice as many clients as can be supported by a terminal server with the traditional fat client. For customers with high user counts, Prophet 21’s new architecture supports multiple load-balanced middleware servers.

Client Types: Understanding Your New P21 Options

From a client interaction perspective, two new options were developed to support the new architecture:

Web Client: The web client is a browser-based capability, allowing customers to access their system from a PC, a tablet or a mobile device.
Hybrid Client: The hybrid client meets the needs of customers who like the look and feel of a traditional desktop application, but wish to leverage the capabilities and features of the updated web client. The hybrid client installs like a normal Windows application, and connects directly to the middleware server, without the use of a browser.

Desktop Client – A Line in the Sand

Initially, Epicor’s web client lacked some of the functionality available with the traditional client, making things like DynaChange screen modifications difficult to accomplish without a traditional client. But as Epicor ramped up the capabilities of the web client, these differences have fallen off, such that as of spring of 2021, new P21 features will be available only in the web and hybrid clients.

Epicor will slowly migrate away from traditional desktop application. By the fall 0f 2021, Epicor will no longer develop and release new versions of the desktop client. By the end of the year, Epicor will no longer release fixes for the desktop client. For P21 customers, this will require all users to migrate to the new architecture, both to retain support and to capitalize on the benefits of the newer releases.

The bottom line for P21 customers is clear: they can migrate to the new architecture or else work on the legacy platform, in an unimproved and unsupported state. In making this move, there are a few additional considerations to be made relative to the Prophet 21 deployment options available.

SaaS or Private Cloud Hosting for Epicor P21 Applications

Customers may opt to choose Epicor’s SaaS solution and place their application under Epicor’s control. This amounts to making two significant shifts, and many customers may not be sufficiently confident in Epicor’s SaaS solution to make the move. For customers suspect of SaaS, but looking for cloud options to host their new P21 architecture, private cloud hosting for ERP combines the new architecture with P21’s full functionality, without the hardware investments that come with an on-premise install.

Do you need help understanding your P21 deployment options? Do you need help migrating your existing architecture to take advantage of Epicor’s new features and capabilities? Give us a call — we are the #1 Prophet 21 consultancy in the nation, and we’d love to make you our “client”!

Are you a wholesale distributor and planning for new P21 features and capabilities? Please take our survey as a step towards understanding the new client architecture of Prophet 21 and how it relates to your future!

Take the Prophet 21 Survey Now!

Manufacturing Cybersecurity by the Numbers

by Brad Feakes | Apr 30, 2021 | ERP Risks and Challenges, Managed IT Services, Network Security, Security

Old Cyber Risks, New Cybersecurity Rules

Longtime NHL coach and living legend Scotty Bowman once famously claimed that “statistics are for losers.” For a game filled with numbers, that was a pretty bold statement. Around the same time, business author Peter Drucker, a legend in his own right, argued the opposite point, saying “if you can’t measure it, you can’t improve it.” There is certainly something to be said for “the bottom line” — the final score of a game is ultimately the most important number.

But a compelling case can be made that a winning game, a winning team, or a winning organization is comprised of many discrete elements, and that by seeking to measure and improve these key elements, the overall system will benefit accordingly. Our contemporary Moneyball sports world rendered Bowman’s statement a quant anachronism. Similarly, in the business world, managers and executives increasingly look for metrics that help them understand their areas of responsibility.

Manager, Technical, Industrial, Engineer, Working, Control, Robotics, Monitoring, Manufacturing Cybersecurity Technology

“Running the numbers” is not a substitute for successful management, but can be a valuable tool in its execution.

On that note, the National Institute of Standards and Technology (NIST) published a list of “20 Cybersecurity Statistics Manufacturers Can’t Ignore” which details some of the critical numbers that separate winning companies and organizations lost to the nefarious designs of malware, hackers, ransomware and the varying forms of cybercrime. From this list, a few highlights immediately come to the fore. By listening to the information embedded in the data, organizations can act quickly to mitigate the biggest threats that they didn’t know they had. A good manufacturing cybersecurity strategy can address old problems, predict new ones, and keep all operations cyber safe.

Ransomware Remains a Primary Threat to Manufacturers

The impact of ransomware on businesses has been monumental. According to NIST, 1 in 5 small or medium-sized businesses (SMBs) report that they have fallen victim to a ransomware attack. This makes ransomware the number one threat to organizations. Ransomware is unique among attacks in that it does not seek merely to damage the resources within a network. Rather, a ransomware attack encrypts company files, making them inaccessible to the organization and its users. Access to the decrypted files is only provided once payment to the assailant has been made.

The effects of ransomware are immediate. When a company gets ransomed, all operations affected by the encrypted files come to a grinding halt. This has a cascading effect across the organization as it struggles to stay open during the crisis. This often results in delayed production, late shipments, confused inventory levels, and frustrated customers. To cope with the outage, the company normally resorts to a handful of painful workarounds that are difficult to unravel and clean up once the ransom has been paid.

Ransomers Attack & Manufacturing Cybersecurity Teams Rally

In DoD environments where data cyber security is key, the impact to a company’s reputation can be detrimental. As such, it is no surprise that a ransom situation can cause an organization to go out of business entirely. Worse still, the costs are increasing. According to NIST, over the course of a single quarter in 2019, the average ransomware payment went up by 13% to $41,198. The impact on an SMB’s cash flow should be self-evident. Hackers know no limit when it comes to ransomware targets, attacking companies of all sizes. For that reason, there is no reason to believe that your organization can hide under the hacker’s radar. Therefore, manufacturers across the nation are increasing their investments in enterprise risk management and security solutions.

Microsoft Office is a Primary Vehicle for Malware

Microsoft Office has been a mainstay of organizations large and small. But the security risks of Microsoft files in an unmanaged environment are considerable. According to NIST, 38% of malicious file extensions come from Microsoft Office formats such as Word, PowerPoint and Excel, making this the most common set of file extensions. Microsoft’s Office suite has long been entrenched in the daily life of SMBs and manufacturers. Shop schedulers frequently define and redefine priorities using spreadsheets, SOPs utilize document formats for process control, and presentations to a company’s staff routinely take the form of a PowerPoint presentation.

While these file formats are common, they are far from invulnerable, and the robust capabilities that Microsoft created within each format provides opportunities to embed hostile code that can detonate once the files are saved within the network parameters of an organization. And file sharing across the manufacturing community is widespread. It is common, for instance, for vendors and presenters at manufacturing conferences and trade shows to hand out flash drives containing promotional materials. Manufacturing cybersecurity policies need to include these activities because should these files be infected, the consequences of introducing them to an unprotected company network could be catastrophic. As such, companies need to take care in managing the devices that connect to network, and the safety of the files they contain.

Social Media Accounts Become a New Target

Social media is widespread, and manufacturers are increasing playing along in order to get more visibility for their products and more interactions with their customer base. But with the proliferation of online social interactions comes increasing risk. In fact, 63% of MSPs anticipate that hackers will increasingly target social media accounts, according to NIST. Similar to Microsoft Office, social media toolsets have increasingly found their way into organizations. Initially thought of as a distraction, these toolsets have become embedded in many organizations, allowing for more collaborative communication between suppliers, customers, individuals, and groups.

Like the Microsoft Office suite, social media platforms have been enhanced and expanded, with new capabilities added on a routine basis. But a single compromised account can compromise an entire network when accessed from within the network’s parameters. Worse still, given the continually evolving nature of social media platforms, the threats are similarly evolving. Business owners need to understand what role social media will play in their organizations, and how these platforms can be leveraged without excessive risk. Manufacturing cybersecurity measures should take into account all accounts, including those on Twitter, Facebook, and similar online social meeting grounds.

When it comes to cybersecurity for manufacturers, the numbers don’t lie.

The correlation between successful IT threat mitigation and business success is well documented. Understand the numbers and take the necessary actions to put the odds in your favor. Manufacturers can avoid a cyber security breach by taking it one step further by partnering with industry experts: managed services firms with cyber specialists lead the way in cyberattack mitigation.

How Manufacturers Can Prevent a Cyber Security Breach

by Brad Feakes | Apr 21, 2021 | ERP Risks and Challenges, Manufacturing Innovation, Network Security, Security

Cyber security solutions are technological processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. Over the years, they have become a necessity in order for industrial firms to succeed. Manufacturing supply chains are often interdependent and integrated. Security within the entire supply chain will lessen any vulnerabilities that could impact the company as a whole. Manufacturers must prepare for a cyber security breach by way of proactive measures.

Cyber Security for Manufacturing Global Supply Chain Map

Has a hacker already gained access to your sensitive data?

All companies have private data that ranges from non-secure to highly secure information. This applies if you have one user, a million users, a million customers, or a supply chain with 500 million endpoints. This applies if your data is exclusive to networks outside of the United States or if you are global in reach.

Regardless of the size of the company, all companies include the following data within their protected systems, and this is the type of data that needs the highest level of endpoint security:

Social Security Numbers / Information
Bank Account Information
Personal Emails
Payroll Files
Account Information
Contact Information
Financial Records
Product Designs
Tax Records

Is your supply chain or customer data on the dark web?

If you have suffered a data breach in the past, the data included personal information, such as phone numbers or other personally identifiable information (PII). Leakage of such information could be fatal towards the growth of a company and its workers. Such sensitive information needs to be secured with proper cybersecurity measures. For companies that do not ensure these measures, the chances of survival within the digital world are slim. The only practical solution is developing ways to combat or prevent cyber risks.

Understanding Manufacturing Cyber Security

In order to stay safe in a world where digitization is key to success, manufacturing companies have to stay prepared. The best way to prepare, understand and manage cybersecurity risks is by considering all areas that could be breached by an attack. By looking at such risks in a business, and from a legal standpoint, owners may aim to formulate regulatory procedures in order to avoid the damage that a cybersecurity attack can impose on their company. In order for a manufacturing company to not only exist but thrive, they must first UNDERSTAND:

Understanding the risk: First, one must understand that hackers aim to steal, exploit and disrupt the company’s work. This may not necessarily be a personal attack and therefore it must not be treated as one.

Narrowing down risks: Manufacturing companies utilize technology for a multitude of sectors within the company. Therefore, narrowing down where the weakest aspects of cybersecurity are would help avoid data loss or operational risk significantly. If an attack is successful, it is also helpful to know where the root of the problem may have begun in order to stop it.

Data access control: Data is one of the most important factors in cybersecurity. The reliance on a single password, as security for data information, leaves manufacturing companies unshielded from hackers. Implementing a series of security measures by ranking importance of data can establish a hierarchy that prioritizes confidential data. Making sure only limited personnel has access to the data will lower the risk as well.

Enterprising the risks: Since cybersecurity risk is such a prevalent aspect in technology, manufacturing companies must include a prevention plan in their enterprise. This includes spending the necessary funds to prevent any harm towards the company’s technology.

Readying for the worst: Another tactic is assuming that every cybersecurity breach will be crippling towards the company. This prepares staff through proactive methodology and technology.

Setting key roles in an incident plan: Defining roles in advance with a detailed plan will enable everyone to know exactly what is required of them in case of an attack. This will help in a time when it is necessary to move quickly. Everyone will remain organized and on task.

Training all employees: Manufacturing companies need to train all employees to know how to avoid human error, which is one of the highest risk factors within cyber attacks. Through training, proper communication can be established between IT (Information Technology) and OT (Operational Technology) workers. The creation of a community culture will enable proper guidance and action on security shortfalls.

Administering the company’s policies wisely: Cyber attacks in manufacturing companies range from light breaches to severe damages that shut down operations. Therefore, ensuring that effective policies are in place is essential. The entire company needs to understand the severity of even a small breach. Policies should be updated as new threats emerge. Staff should be informed of any backup strategies in place and also of planned disaster recovery steps.

Never forget the basics: Manufacturing companies should have a basic response plan in order to outline expected and anticipated actions. Routinely changing user passwords and checking all systems for vulnerabilities should be common occurrences.

Decoys for intelligence gathering: Deploying white collar hackers is another method that could prevent vulnerability to cyber attacks. Companies should place themselves in the mind of the attacker in order to gain more knowledge on how one may think. Therefore the company can counter the attack before a breach is successful. Using decoys allows manufacturers to actively identify and analyze trends in their system that need to be addressed.

The latest technology, including managed application hosting in the cloud, provides new openings for risk and reveals a general lack of effective security in companies of all sizes, across all industries. The manufacturing industry is particularly vulnerable due to complex applications and third-party software integrations. Manufacturers also have challenging compliance regulations that require intensive documentation and reporting. Small business IT solutions help manufacturers looking for partners who will help them grow without the burden of cyber risk.

Cyber security incidents put manufacturing companies at risk of shutdown

Zero-trust cybersecurity policies have become the most essential risk management strategy. The only way manufacturing companies can stay safe is by making sure they are secure on all ends. The first step is understanding the risks, then making the effort to make sure a security breach does not occur. This process utilizes security audits and penetration testing to gain full vision of all system vulnerabilities. In the chance that a data breach does occur, cyber protection and cyber insurance are critical for survival.

Prevent a Cyber Security Breach with Best Practices

Chat with us now to schedule a penetration test to see if your data is secure.

3 Ways to Spring your Epicor Installation Ahead

by Brad Feakes | Mar 15, 2021 | Epicor, Epicor 10, Epicor Administration, ERP, ERP Consulting

Spring Cleaning & New Growth for Epicor ERP

While individuals differ in their opinion of daylight savings time, the metaphor of “springing ahead” feels perfect for the enterprise resource planning (ERP) season. Spring is, after all, the time of growth and expansion. So how do companies make the most of this season? Successful Epicor customers often find ways to move their implementation forward, following through on the ERP resolutions made in winter.

Whether you’re heading toward a great spring-loaded leap forward or merely some spring cleaning, there are many things that you can do to help your Epicor application spring ahead in terms of functionality, capability and overall return on investment (ROI).

Epicor Installation Manufacturing Tool Sparks

Spring your Epicor Installation Ahead with a Master File Cleanup

Daily problems in business operations often have their source in the master file records. Master file records are the kind of data that gradually deteriorates over time, if not cared for with vigor. Cleaning up the customer, supplier, and part master tables allows companies to quickly resolve multiple ongoing issues. I’ve seen many companies perform annual intensive data cleanup efforts to rectify such ongoing issues, and this often results in a system that is more predictable and more scalable over time. With each master file, countless questions can be asked to verify the accuracy of this foundational data.

These might include some of the following:

Customer Master: Are customer contacts up to date? How about the terms? Are credit limits in need of a review?
Supplier Master: Is banking information correct? Are purchase points defined correctly? Are terms up to date?
Part Master: Is supply-side information correctly configured to handle demand? Are part costs in line? What about customer and supplier-based part pricing?

Spring your ERP Ahead with a User Security Review

Cleaning up security within the ERP application is a simple step that can improve the maintenance and maintainability of the application. One significant question would be to ask whether your company utilizes individual user security or group security. The use of group-based security tends to keep the management of security much cleaner than the individual method, as users inherit permissions from the security groups, which ensures consistent and predicable access, without the scramble of managing individual permissions on every user account. Has your individual user security gotten out of hand? It’s never too late to rationalize security groups and roll back some of the disarray. This is one simple way of keeping your Epicor installation from becoming risky business.

Within this general structure, attention should be take to a few key functions, as to ensure that they are adequately managed:

Part Maintenance: Who has the ability to create and maintain parts? In many organizations, too many individuals have this ability, and it can create a significant amount of disruption if they are not doing so in a consistent manner.
Quantity Adjustments: The ability to adjust inventory quantities on the fly is a powerful but dangerous capability. Often, quantity adjustments are made to cover other issues, such as incorrect quality practices or inaccurate material issuing tendencies. Limiting quantity adjustments to a few reliable individuals is key to preventing inventory problems from spinning out of control.
Job Entry: Who should be able to modify a job? There are several settings (backflush, make direct, purchase direct, etc.) that can radically affect the application. Tightening the screws on job entry is often a means of ensuring successful supply for the jobs in question.

Spring Ahead with Focused Education

In an ERP context, education should be distinguished from training. Training generally refers to basic instruction geared for general end users, to allow them to perform processes accurately and consistently. Education differs from simple training in that it focuses much more on the underlying mechanics of the ERP system than on performing specific pre-defined tasks. When a larger critical mass of super users understands the underlying mechanisms of the system, you are better able to make decisions and further refine your system, improving efficiency and handling new challenges as they arise. Also, as new employees enter the organization, providing them with a solid understanding of the system can prevent needless backtracking. This is especially true for an Epicor installation.

So, what areas of the application could use some additional deep dives? Here are a few:

Transaction types: What’s the different between MFG-STK and MFG-WIP? It’s an important distinction.
Non-Stock: Understanding the effects of the non-stock flag on Sales Order Entry, the Engineering Workbench, and Job Entry is fundamental to successfully managing parts through the system.
Phantom BOMs — phantoms may help simplify your job BOMs, consolidate engineering levels, and simplify transactions.
Labor Entry Method: How does backflushing differ from Quantity Only? These are subtle but important differences, and the ramifications are widespread.
Backflushing Materials: Backflushing is another opportunity to make the system more efficient, but it relies on a solid understanding of the related hierarchy.

A Clean Epicor Installation Enables Growth

Spring, after all, is the season of growth, so push to move your Epicor ERP application forward this season, and sew the seeds for a bountiful harvest in 2021. Ready for optimal growth? Get the Epicor consulting services or Prophet 21 services you need to get ahead of the season. Take a tour of Epicor in a future-proof environment with a free ECHO cloud hosting demo. ECHO supports all ERP systems, including cloud-ready P21 & cloud-ready SYSPRO.

Talk to us about hosting your ERP

5 Takeaways from the Microsoft Exchange Server Attack

by Brad Feakes | Mar 8, 2021 | Disaster Recovery, Managed IT Services, Network Security, Security, Software

A Microsoft Exchange Server Attack Caused Hours of Downtime for Businesses Around the Globe

Last week’s Microsoft Exchange Server attack underscores the liabilities of on-premise architectures compared to their cloud counterparts. On Friday, March 5th, 2021, a zero-day Microsoft Exchange vulnerability was found being exploited across the globe. It affected on-premise Exchange servers, all versions, and allowed the attacker to read emails, exfiltrate data and run the “code of attackers” choice. Unfortunately, a zero-day exploit is one that usually doesn’t have any patches against it. In short, if you had an Exchange Server out on the internet, then it COULD likely have been compromised.

Our Break-Fix Client’s Last On-Premise Exchange Server Was Compromised

Microsoft (thankfully) moved quickly, and released a LOT of information, much of it confusing, with many incorrect links. It took our team some time to weed through the chaff and get the actionable tasks from it. The patches are out now, thankfully. It might take your IT folks 4 or 5 hours to install them, and yes, it’s Exchange/email downtime to get them there.

What’s the answer? I’d say “defense in depth”:

Here are 5 steps you can take to mitigate the potential damage of the Microsoft Exchange Server attack:

Patching – Patch publicly exposed servers quickly and completely.
Zero Trust – Once your servers are built, and before they are exposed to the internet, lock them down! Malware protection can help, but Zero Trust is the ultimate malware protection!
Cyber Insurance – Offload the risk to the insurance company.
Migration – Move the service to a more agile company. Microsoft Office 365 was not vulnerable to this exploit.
Backups – Enough said.

These 5 steps can be takeaway lessons for even those unaffected by this security breach. Cloud computing costs are decreasing while increasing cybersecurity availability via affordability. Talk to our IT specialists to learn more about how cloud technology can protect your business.