Select Page
How to Manage Tariff Risk in Distribution

How to Manage Tariff Risk in Distribution

In today’s global economy, tariffs can shift overnight — and for distributors, those changes ripple quickly across pricing models, supplier relationships, and customer expectations. While tariffs are nothing new, the pace and complexity of trade updates in recent years have made it harder for teams to react quickly and plan confidently.

If you’re a U.S.-based distributor running Epicor Prophet 21 ERP — particularly one sourcing products from international suppliers — understanding and mitigating your tariff exposure has become a critical part of your supply chain strategy.

Manage Risk Distribution Prophet 21 Supply Chain Freighter

When deciding how to manage tariff risks, companies need to consider risk mitigation solutions and risk management strategies.

Key Considerations for Managing Tariff Risks

  • Solution: Implement automated tariff management tools like the Recurrency Tariff Manager
  • Solution: Leverage third-party software for real-time data and alerts
  • Solution: Diversify supplier base to reduce dependency on high-tariff regions
  • Strategy: Conduct regular tariff exposure assessments
  • Strategy: Establish contingency plans for sourcing and logistics
  • Strategy: Collaborate closely with trade compliance experts and consultants

The Tariff Challenge: Limited Visibility, High Stakes

Tariff exposure often hides in plain sight. Vendor records might show countries of origin or product categories, but few ERP systems offer a clean, consolidated view of which suppliers are likely to be impacted by new tariffs — and what those impacts could mean financially.

Procurement and finance teams are often left piecing together spreadsheets, customs data, and supplier intel to make urgent decisions. And by the time a potential risk becomes clear, the cost implications may already be felt.

Oversight, Strategy, and Control: Three Ways to Get Ahead of Tariff Risk

1) Invest in Strategic Supplier Diversity

By diversifying your supplier base across multiple countries or regions, you reduce reliance on any one source that may become tariffed. Your ERP system should help track and categorize suppliers by region, and your team should regularly audit where your critical parts or products are coming from.

2) Improve Cross-Functional Visibility

Tariff risk isn’t just a procurement issue — it touches pricing, forecasting, inventory, and even customer experience. Integrating trade visibility into dashboards accessible to operations and finance leadership is key. This means making tariff exposure a regular part of your supply chain reporting, not a fire drill when changes hit.

3) Use Purpose-Built Tools for Trade Risk Management

Rather than rely solely on generic ERP reports, modern distributors are turning to specialized tools that augment their ERP environment. These tools often bring in external data, enrich vendor records with AI insights, and suggest actionable strategies like pre-purchasing inventory or temporarily shifting pricing models.

If you use Epicor Prophet 21, there’s a new solution available that may be worth exploring: the Recurrency Tariff Manager.

This lightweight dashboard plugs directly into your P21 system and uses AI to analyze your vendor list for likely tariff exposure. In under 15 minutes, it can show you where you’re at risk — and help you take action, whether that means sourcing alternatives, adjusting purchasing, or planning pricing changes.

It’s a smart way to bring clarity into a complex challenge — without requiring months of development or a full system overhaul.

Managing tariff risk isn’t just about compliance or cost control. It’s about building resilience into your operations — so that when change comes, you’re prepared. By improving visibility, sharing insights across teams, and using the right tools, you can turn tariff challenges into strategic opportunities.

If you don’t want to explore things like how to manage tariff risk in distribution ERP without industry experts helping you the mitigate risks, our team at EstesGroup is always available to help you make sense of your data and identify the right tools for your ERP and business strategy.

Stay Ahead with EstesGroup Insights

Get valuable cloud technology & ERP insights delivered directly to your inbox. Receive exclusive updates, practical guidance, and expert tips tailored specifically for your business.

"*" indicates required fields

Name
This field is for validation purposes and should be left unchanged.
Epicor Kinetic UI Tips & Tricks

Epicor Kinetic UI Tips & Tricks

Digital transformation concept representing Epicor Kinetic UI migration from classic ERP to web-based interface.

UI Spy: Say Goodbye to Classic ERP

As you might be aware, Epicor is pushing to sunset the Kinetic ERP’s legacy “classic” UI screens, in favor of the web-based Kinetic user interface. They have been scaling back support for the classic interface over time, with a sunset date of May 2026.

As of version 2026.1, Epicor’s Kinetic ERP will no longer contain a smart client deployment, and the user base will communicate with the application exclusively through a web browser.

Depending on the extent of customizations to the UI and to components like dashboards, conversions may take a significant amount of time in modification and testing.

That said, what are key differences?

  • The user communicates with Epicor in a new User Interface (UI)
  • Runs in a browser instead of a fat client
  • Runs on web-centric devices—not limited to a traditional computer screen and now available on tablets, phones, etc.
  • Epicor components and business objects can be accessed through a mobile app—not limited to Epicor’s own apps
  • UI can be customized, but has no C# code, so heavy lifting must be off-loaded to BPMs and Functions

So you want to know more Epicor Kinetic UI tips and tricks for when the rubber meets the road? The EstesGroup Epicor Kinetic consulting team recently covered some technical areas of concern that can help you migrate to a better place moving forward.

Getting Tippy when the Kinetic UI gets Tricky…

In helping customers move to Kinetic, we’ve encountered countless requests for various items of the Epicor Kinetic UI “tips and tricks” variety—something like: “Can Classic dashboards be automatically converted to Kinetic?”

The answer is “yes, but…”

An easy way to generate the Kinetic application is via the Tools/Deploy Dashboard option. You can preview the dashboard or generate the application when you’re satisfied with it. This does convert a lot of things well, but you’ll notice something immediately with the trackers when you preview the Kinetic dashboard.

The filter field(s) in the very first tracker will appear in a slide-out panel when the dashboard opens. Filtering may or may not actually work. Notice there is no OK button in this example. 

Other panels have had different issues. And once the panel is discarded, the user can never access it again until the dashboard is restarted. Also, if there are multiple queries/trackers on the dashboard, the subsequent trackers will never fire. It might seem disheartening at first blush, but there are workarounds.

A relatively easy way to do this is this procedure in Dashboard Entry:

  1. Copy the dashboard to avoid changing the original, perhaps add a “K” to the end of the dashboard ID, or some other scheme
  2. Load the new copy of the dashboard
  3. Delete all trackers on the dashboard
  4. Preview the dashboard and make sure it runs okay, other than the missing trackers
  5. Save the dashboard
  6. Create the Kinetic application (Tools/Deploy/Application)
  7. Open the new Kinetic application and add the trackers back in

Adding the trackers manually may sound like a lot of work, but it’s not too bad. Plus, you can add some nice functionality.

Need more guidance? Sign up to get our Ultimate Epicor Kinetic UI Tips and Tricks Guide!

GET THE GUIDE

Fill out the form below to receive your copy of Uplift Epicor Classic UI to Kinetic UI – Questions and Answers. We’ll send our help guide straight to your inbox so you can start planning your upgrade with confidence.

"*" indicates required fields

Name*
Email*
What version are you on?

Stay Ahead with EstesGroup Insights

Get valuable cloud technology & ERP insights delivered directly to your inbox. Receive exclusive updates, practical guidance, and expert tips tailored specifically for your business.

"*" indicates required fields

Name
This field is for validation purposes and should be left unchanged.

5 Signs Your Business Needs a Network Security Audit

5 Signs Your Business Needs a Network Security Audit

In today’s digital landscape, cybersecurity isn’t just for large corporations – it’s essential for businesses of all sizes. Many organizations don’t realize they’re at risk until after a security incident occurs. Here are five critical warning signs that indicate your business should consider a professional network security audit and vulnerability assessment.

Network Security Audit Vulnerability Hacker on Laptop

1) Your Network Performance Has Changed

Unexpected slowdowns or irregular network behavior could indicate security issues. Malware and unauthorized access often create unusual patterns in network traffic. While performance issues don’t always signal security problems, they warrant investigation through a comprehensive security assessment.

2) Your Remote Work Force Has Changed or Returned to the Office

The shift to remote work creates new security challenges. Each remote connection represents a potential entry point for cyber threats. If your business has embraced remote work without updating security protocols, you may have unknown vulnerabilities in your network. If your employees are returning to a traditional office setting, you also need to revisit security policies and protocols. New employees in the office mean new potential for security breaches. A network security audit can reveal threat vectors that have been introduced to your business by your shifting workforce.

3) You’re Not Sure When Updates Were Last Applied

Security patches and updates are crucial for protecting against known vulnerabilities. If you can’t confidently say when your systems were last updated, or if you’re unsure whether all devices are current, it’s time for a security audit. Research consistently shows that outdated systems are involved in at least 60% of data breaches.

4) Multiple People Handle IT Tasks

When multiple employees or vendors share IT responsibilities, security protocols can become inconsistent. This fragmented approach often leads to new vulnerabilities in your network. Here are a few to keep in mind:

  • Inconsistent access permissions
  • Overlooked security updates
  • Gaps in security monitoring
  • Unclear accountability for security measures

5) You Haven’t Had a Professional Vulnerability Assessment

If it’s been more than a year since your last professional security audit – or if you’ve never had one – your business is likely overdue. Cyber threats evolve rapidly, and yesterday’s security measures may not protect against today’s sophisticated attacks.

Taking Action for Network Security

Don’t wait for a security breach to assess your network’s safety. A professional network security audit can identify vulnerabilities before they’re exploited. Modern security assessments are designed to be the following:

  • Non-disruptive to your operations
  • Completed quickly (often in just 30 minutes)
  • Comprehensive in scope
  • Actionable with clear recommendations

Next Steps to Limit Information Vulnerabilities

Understanding your network’s security posture is crucial for protecting your business assets and customer data. The EstesGroup team provides thorough network security audits that identify vulnerabilities without disrupting your operations. We also offer subscription-based IT services for businesses looking to streamline IT and security management. Contact us today to learn how we can help secure your business technology.

Sign up for a security audit and vulnerability assessment today.

"*" indicates required fields

Name*
Email*
How to Get to the Point of Endpoint Management

How to Get to the Point of Endpoint Management

The Never-Ending Endpoint Management Game

In today’s digital workplace, the phrase “endpoint management” appears in almost every serious conversation about cybersecurity solutions. Though it’s easy to add to your IT strategy, getting your organization to the point where you have a truly effective endpoint management system isn’t as simple as flipping a switch. Let’s walk through the journey of transforming your IT infrastructure from chaos to control according to EstesGroup’s cyber experts.

Point of Endpoint Management Business Team Technology Laptops Tablets AI

Endpoint Management as the End to Pain Points

Before diving into complex solutions, take a step back and assess your current situation. What’s keeping your IT team up at night?

  • Are your help desk tickets overwhelming?
  • Do software updates feel like herding cats?
  • Is employee onboarding taking forever?
  • Are security patches consistently behind schedule?
  • Does remote work support feel like a juggling act?

Understanding your pain points is crucial because it helps you build a case for change and prioritize your needs.

Build Your IT Network Foundation

Think of endpoint management like building a house – you need a solid foundation. First you need to create and assess your unique technology blueprint. Here are the steps to do this:

  • Asset Inventory
    • Document all your endpoints (computers, laptops, mobile devices)
    • Map out your software licenses
    • Identify who uses what and why
  • Standardization
    • Create baseline configurations for different user types
    • Establish standard operating procedures
    • Define security policies
  • Network Infrastructure
    • Ensure your network can handle remote management
    • Set up secure access protocols
    • Implement backup systems

Take IT Management Step by Step

Don’t try to boil the ocean. Instead, implement endpoint management in phases:

Phase 1: Basic Monitoring

  • Deploy basic monitoring tools
  • Set up alerts for critical issues
  • Establish baseline performance metrics

Phase 2: Remote Support

  • Implement remote access tools
  • Train support staff
  • Create support documentation
  • Set up ticketing system

Phase 3: Automation

  • Automate routine maintenance
  • Set up automated patching
  • Configure automatic updates
  • Create automated onboarding workflows

Phase 4: Optimization

  • Fine-tune monitoring parameters
  • Optimize performance settings
  • Streamline support processes
  • Enhance security measures

Address the Human Element of Endpoint Management

Technology is only half the battle. Success requires:

User Education

  • Train employees on new procedures
  • Communicate changes clearly
  • Provide self-help resources
  • Get feedback and adjust

IT Team Development

  • Up-skill your IT staff
  • Define clear roles and responsibilities
  • Create documentation
  • Establish best practices

No End to Your IT Strategy

Your technology journey will never end. The cyber landscape will only become more complex. To prepare for the future, set up metrics now to track your journey:

  • Response times to IT issues
  • System downtime
  • Patch compliance rates
  • User satisfaction scores
  • Support ticket resolution times
  • Security incident rates

Endpoint Management is a Journey, Not an End in Itself

Getting to the point of effective endpoint management takes time, planning, and patience. Start with understanding your needs, build a solid foundation, implement changes gradually, and keep your users in mind throughout the process. The result? A more efficient, secure, and manageable IT infrastructure that supports rather than hinders your business operations. Remember that endpoint management is a journey, not a destination. As your organization grows and technology evolves, your approach should too.

Most importantly, remember that the goal isn’t perfection from day one. It’s about creating a sustainable system that grows with your organization and adapts to changing needs. Start your journey today, take it one step at a time, and keep moving forward. Your future IT team will thank you for it.

Would your team benefit from a partnership with a 24/7/365 team of ERP and technology experts? Learn more about our subscription-based services today.

EstesGroup provides managed IT services and enterprise consulting for all ERP systems: Epicor Kinetic, Epicor Prophet 21, Sage ERP, SYSPRO ERP, NetSuite, QuickBooks, and more!

The Power of a Policy-Led IT Strategy

The Power of a Policy-Led IT Strategy

How to Align Technology Policies with Business Goals

In today’s rapidly evolving digital landscape, organizations face the constant challenge of aligning their IT infrastructure with business objectives while navigating a complex web of regulations and security concerns. This is where a policy-led IT strategy comes into play, offering a structured approach to technology management that ensures compliance, enhances security, and drives business value.

Bill McCord IT Policy Webinar

What is a policy-led IT strategy?

A policy-led IT strategy is an approach that places organizational policies at the forefront of technology decision-making. Instead of allowing technology to dictate business processes, this strategy ensures that IT initiatives are guided by well-defined policies that reflect the company’s goals, values, and regulatory requirements.

What are the key benefits of policy-led IT?

  • Improved Compliance: By basing IT decisions on clear policies, organizations can more easily adhere to industry regulations and standards.
  • Enhanced Security: Security policies become an integral part of the IT strategy, reducing vulnerabilities and protecting sensitive data.
  • Better Alignment with Business Goals: Technology investments and initiatives are directly tied to organizational objectives, ensuring better ROI.
  • Enhanced Decision-Making: Clear policies provide a framework for consistent IT decisions across the organization.
  • Increased Transparency: Stakeholders have a clear understanding of how and why IT decisions are made.

How do you implement a policy-led IT strategy?

Developing and implementing a policy-led IT strategy requires careful planning and execution. Here are some key steps:

  1. Define Clear Policies: Start by creating comprehensive policies that cover all aspects of IT usage, security, and governance.
  2. Align Policies with Business Objectives: Ensure that your IT policies support and enhance your organization’s overall goals.
  3. Communicate and Educate: Make sure all stakeholders understand the policies and their importance.
  4. Implement Technology Solutions: Choose and implement technologies that support and enforce your policies.
  5. Monitor and Adjust: Regularly review and update your policies to keep pace with changing business needs and technological advancements.

Cybersecurity Awareness Month Webinar

How to Create a Policy-Led IT Strategy

To dive deeper into this topic and learn how to create an effective policy-led IT strategy for your organization, join us for our upcoming webinar:

  • Date: October 30th, 2024
  • Time: 11 AM Eastern Time

Ready to learn the key components of an effective IT policy framework? Looking for new strategies for aligning IT policies with business objectives? Seeking best practices for policy implementation and enforcement? Tired of theory and desire real-world examples and case studies?

By embracing a policy-led IT strategy, you can ensure that your technology investments are not simply sustaining your business, but actively driving your future forward in a secure, compliant, and efficient manner.

Cybersecurity Awareness Month
Cybersecurity Audits: Safeguarding Modern Manufacturing

Cybersecurity Audits: Safeguarding Modern Manufacturing

Ensuring Robust Cybersecurity with SOC 2: Certified Providers, Certified Protection

In today’s interconnected manufacturing landscape, cybersecurity is no longer just an IT concern—it’s a critical business imperative. As cyber threats evolve and regulatory requirements tighten, manufacturers must ensure their digital assets, intellectual property, and operational technology (OT) are adequately protected. This is where comprehensive security audits, conducted by SOC 2 certified providers like EstesGroup, play a crucial role. With EstesCare Guard cybersecurity experts, manufacturers can run complex enterprise resource planning (ERP) software, like Epicor Kinetic, without worrying about cyber threats and attacks. Cybersecurity audits for manufacturers are complex. Let’s take a closer look at the closer look of a security audit.

Females business executive accessing files on a secure tablet surrounded by code and cybersecurity symbols.

The Importance of Security Audits for Manufacturers

Security audits are essential for manufacturers to accomplish the following:

  1. Identify vulnerabilities in both IT and OT environments
  2. Ensure compliance with industry regulations and standards
  3. Protect sensitive data and intellectual property
  4. Maintain operational continuity and prevent costly downtime
  5. Build trust with customers and partners

Key Areas Covered in a Manufacturer’s Security Audit

A thorough cybersecurity audit for manufacturers typically encompasses the following categories and more:

Network Security

  • Firewall configurations
  • Segmentation between IT and OT networks
  • Wireless network security

Endpoint Security

  • Workstation and mobile device protection
  • Internet of Things (IoT) device security
  • Industrial control system (ICS) security

Access Control

  • User authentication and authorization
  • Privileged access management
  • Remote access security

Data Protection

  • Data encryption (at rest and in transit)
  • Backup and recovery procedures
  • Data loss prevention strategies

Industrial Control Systems (ICS) and SCADA Security

  • ICS/SCADA system hardening
  • Patch management for industrial systems
  • Security monitoring for OT environments

Supply Chain Security

  • Third-party risk assessment
  • Secure data exchange with suppliers and partners
  • Vendor management processes

Incident Response and Business Continuity

  • Incident response plans
  • Disaster recovery procedures
  • Business continuity strategies

The Advantage of Choosing a SOC 2 Certified Provider

When selecting a cybersecurity partner to conduct your security audit, opting for a SOC 2 certified provider like EstesGroup offers several key advantages:

  • Proven Expertise and Reliability: SOC 2 certification demonstrates that the provider has undergone rigorous third-party audits of their own security practices. This ensures they have the expertise and systems in place to effectively assess and improve your security posture.
  • Comprehensive Security Framework: SOC 2 certified providers adhere to a robust security framework based on five trust service criteria: security, availability, processing integrity, confidentiality, and privacy. This comprehensive approach ensures no aspect of your cybersecurity is overlooked.
  • Industry Best Practices: By working with a SOC 2 certified provider, you benefit from their knowledge of the latest industry best practices and emerging threats, ensuring your security measures are up-to-date and effective.
  • Compliance Alignment: SOC 2 certified providers are well-versed in various compliance requirements. They can help align your security practices with relevant industry standards and regulations.
  • Continuous Improvement: SOC 2 certification requires ongoing compliance, meaning your provider is committed to continuously improving their own security practices—a commitment that extends to the services they provide to you.

The Security Audit Process

When working with a SOC 2 certified provider like EstesCare Guard Cybersecurity, you can expect a structured and thorough security audit process:

  1. Initial Assessment: Understanding your manufacturing environment, technologies in use, and specific security concerns.
  2. Comprehensive Review: Evaluating your current security controls, policies, and procedures across all relevant areas.
  3. Vulnerability Scanning and Testing: Conducting technical assessments to identify potential weaknesses in your systems.
  4. Risk Analysis: Assessing the potential impact and likelihood of various security threats.
  5. Detailed Reporting: Providing a comprehensive report of findings, including vulnerabilities, risks, and compliance gaps.
  6. Remediation Planning: Developing a prioritized action plan to address identified issues and enhance your overall security posture.
  7. Ongoing Support: Offering continuous monitoring and support to maintain and improve your cybersecurity over time.

Safeguarding Your Manufacturing Future

In an era where cyber threats can significantly impact manufacturing operations, regular security audits conducted by SOC 2 certified providers are essential. By partnering with EstesGroup’s EstesCare Guard cybersecurity experts, you’re not just getting a security assessment—you’re gaining a trusted advisor committed to protecting your digital assets, ensuring operational continuity, and safeguarding your manufacturing future.

Ready to enhance your cybersecurity posture and protect your manufacturing operations with a comprehensive security audit? Don’t settle for general! EstesGroup offers cybersecurity audits for manufacturers.

Our team understands the manufacturing industry. Our team understands your ERP system. Our Epicor Kinetic, SYSPRO, and Sage experts are on the same team as our elite cybersecurity consultants. Talk to us today to keep your data secure.