
How to Ensure Your Sage X3 Solution is Secure

Sage X3 User Authentication
By Carl Herrmann, 28 May 2020

There’s an old saying that goes: “your organisation is only as secure as its weakest password”. 

There’s also another one: “the only secure password is the one you can’t remember”.

If that’s true, then the passwords and authentication methods you use with your ERP system can determine how secure it is. That could be bad news. There is some good news, however. In fact, it is very good news. Sage X3 supports a wide range of authentication methods, many of which are on the cutting edge of security technology.

Sage X3 has built-in authentication where the user's password is stored (as a hash) in MongoDB. This authentication method is known internally as ‘Basic’. This method does not let you control your password policy (password complexity, length or expiry). It is not recommended as an authentication method in a production environment. If you use this method, it is highly recommended that you use HTTPS and a certificate; otherwise the credentials can be exchanged unencrypted over the network.

Sage X3 can also integrate with Active Directory by making use of LDAP (Lightweight Directory Access Protocol).  With this authentication method your password policy is controlled by your internal AD password policy.  The authentication itself is also passed to the domain controller or a Read-Only Domain Controller in the datacentre.  Users can also then be managed from the Active Directory.

The cutting-edge stuff starts when you consider implementing the OAuth2 and SAML2 authentication methods. With these you can integrate with Azure AD (e.g. Office 365), Google, Okta and other major platforms in the authentication security space. You can also implement 2FA (two-factor authentication) and MFA (multi-factor authentication) functionality, where your login requests need to be verified through an Authenticator app on a mobile device, an extra code texted to a mobile (SMS), extra security questions asked in another browser session, and various others.


The huge advantage of being able to integrate with these technologies is that Sage X3 can use enterprise-level authentication services to grant users access to the ERP system. Organisations can then also use these authentication methods across multiple systems, not just the ERP platform.

So, if your organisation is still using basic authentication to grant end-users access to your ERP system, consider upgrading to a more secure authentication method.

