On-premise or in the cloud, what is the safest for your ERP/CRM data? Security is a top priority for many companies, and the on-premise version is often still seen as the ‘safer option’. The mere proximity of that data often provides a (false) sense of security and control. Is that really the case? And what does reality teach us? Is your ERP/CRM data safer in the public cloud, or should you stick with your own data center?
Data security is indispensable, and rightly so. Day in and day out, various parties try to view, inspect, or even hijack your data. Employees, partners, customers, suppliers, competitors, hackers… willingly or unwillingly, they come into contact with your data. As an organization, you must therefore be extremely careful with your data. Where is that valuable data safest?
What about the traditional on-premise approach?
- Consideration 1: What level of professionalism can you demonstrate? Hackers are getting smarter and finding new ways to breach systems every day. Therefore, your server security must also improve daily to stay ahead of hackers. Is this possible within your IT service? Do they have the experience, capabilities, time, and budgets for this? How quickly can you grow or fill new positions?
- Consideration 2: What is the depth of knowledge of your IT personnel? How expert are they and how often can they attend training? When was the last time they presented new, fresh ideas? How quickly do they upskill themselves and are they immediately up-to-date with new technologies? Is that enough to meet the current pace of innovation? And what has been the development of these budgets in recent years?
- Consideration 3: What is the breadth of knowledge of your IT staff? Can they manage all systems themselves? All applications, databases, operating systems, and reporting tools – can everything be covered? What do you think? Are you happy with that answer?
-
Consideration 4: What about physical access to your servers? Is there access control to the server room, and is it correctly applied? How many people have access? And do you know what colleagues, external personnel, or cleaning staff are up to in this room, even after closing hours?
-
Consideration 5: Are you conducting sufficient audits? How many times per year is there a professional EDP audit? Is it carried out by an external company that tells you the weak spots in the security system? How accurately do you follow up on the advice?
Rough estimates show that, of all companies using an on-premises solution, 40% do not perform daily backups. Surprised? What about you? Are you definitely among the other 60%?
Let's face the facts:
- Data security is vital for any company.
- Running a business is about much more than data security. You prefer to focus on customers, employees, goals, ... in short, your core business.
- Data security is not your core business.
It is Microsoft's. In 2020, they won the prestigious Joint Enterprise Defense Infrastructure contract, issued by the Pentagon, the headquarters of the U.S. armed forces. Undoubtedly an organization that values reliability highly. That contract was cloud-based.
In other words, if the Pentagon trusts the cloud, maybe you should too? Microsoft employs 3,500 cybersecurity engineers and invests 1.4 billion dollars a year in cybersecurity. So perhaps the security at those Microsoft data centers is actually more robust than the average security in a server room at a Flemish SME? Including yours?



