Recently Epicor reached a new cloud milestone: 1,000 Epicor Kinetic customers have chosen cloud. That’s over 82,000 daily users in 105 countries transacting over 100,000 jobs a day for over 1 million tasks a week.
Epicor has made it a goal to become “The cloud vendor of choice in the markets we serve.” This milestone represents Epicor and Encompass’ combined success in transitioning technology, business models, and culture to transform businesses to be successful in the cloud.
Customers and the market have taken notice. Recently, an Epicor Kinetic customer posted this statement in the peer reviews for Gartner,
“Switching to Epicor and as a SaaS has allowed us to advance our ability and continue our growth. It is completely scalable for our business and has been great for our ability to integrate our business processes.” Director of ERP Systems, Industry: Manufacturing, Firm Size: 50M-250M
The good news moving forward is that driving growth through cloud business propels us all forward at a higher velocity and offers new opportunities in the process.
Who is the 1,000th cloud customer on Epicor Kinetic?
VPI Technology Group is a multi-discipline technology firm, specializing in electronic design services, engineering, prototyping, certification and testing services, and electronics manufacturing. Epicor Solutions for Electronics and High Tech delivered what this service and manufacturing firm in the Electronics market needed. With rapid growth plans that include acquisition targets in the future, the need for ERPs to manage their distributed business became a priority. A key driver for their decision to choose Epicor Kinetic was our Government Cloud offering that supports their requirements for CMMC, simplifying their ability to stay in compliance with the Department of Defense (DOD).
“As a government contractor, it was essential to select an ERP that offered world-class security and compliance. Epicor Kinetic in Azure gives VPI many assurances. It can accommodate data subject to various US government regulations and requirements, allowing us to transform mission-critical workloads to the cloud.”
“Of all the systems our committee evaluated, Epicor Kinetic was rated as the most easy-to-navigate and easy-to-use system, which factored heavily into our ERP decision. The rich UI for the development and integration tools was also a key factor in our decision-making process.”
Jerry Scott, Chief Operating Officer | VPI Technology Group
Encompass Solutions is a business and software consulting firm that specializes in ERP systems, EDI, and Managed Services support for Manufacturers. Serving small and medium-sized businesses since 2001, Encompass modernizes operations and automates processes for hundreds of customers across the globe. Whether undertaking full-scale implementation, integration, or renovation of existing systems, Encompass provides a specialized approach to every client’s needs. By identifying customer requirements and addressing them with the right solutions, we ensure our clients are equipped to match the pace of the Industry.
Automotive Suppliers face a bewildering array of frequently-changing Customer Requirements, Regulations, and Procedures, all intended to place the burden of managing the flow of goods squarely upon their shoulders. Keeping a close watch on Forecasts, Daily Ship Schedules, Advance Ship Notices, and Pay on Receipts can strain Supplier staff. While there is a wealth of Automotive Supplier pain points to navigate daily, we’ll address the most common and cantankerous in the following article, which includes:
Keeping track of Accum-Shipped-to-Date per Part
Inaccurate Trading Partner data
Rapidly-Changing Daily Ship Schedules
Advance Shipping Notification (ASN) mistakes
Pay on Receipt tracking
Regulatory procedures and requirements
Automotive Supplier Pain Points in Detail
In this section, we’ll break down Automotive Supplier Pain Points in more detail. If you’re an automotive supplier facing these constraints and could use some guidance, it might make sense to reach out to Encompass for the best means to ensure they don’t continue to disrupt your business.
Keeping Track of Accum Shipped to Date Per Part
Discrete POs and Change Orders are mostly NOT used, except for emergency or repair parts. So, Trading Partners/Customers express their Release requirements in terms of Accum totals. This imposes a major burden on the Supplier to ensure both their and their Customer’s totals always agree. Additionally:
Suppliers keep track of Accum shipped to Date per Part
Customers keep track of Accum received to Date per Part
Reconciliation of differences between Accum Shipped and Accum Received is solely up to the Supplier to resolve….at times, changes are hourly…….or worse.
Annual reset to ‘zero’ (or close) means major effort depending on how many Parts are sold to Customers.
InaccurateTrading Partner Data
This area of issue is characterized by Questionable Forecasts (some Trading Partners are better at Forecasting than others) and Delayed Goods receipt at the Trading Partner/Customer.
Trading Partners can take considerable time to actually ‘receive’ goods and materials into their system. Until this takes place, the reported ‘Accum Received’ values that are sent back to Suppliers on the next Daily Ship Schedule can be out of date and thereby misleading. Trying to reconcile using outdated Accum data makes the task even harder.
An additional ‘side-effect’ of this ‘delayed receipt’ is the Trading Partner may continue to send the Supplier Requirements to ship that has already been shipped….and physically received…just not yet ‘received into the Trading Partner’s business system. This results in an inflated Order book for the Supplier unless extraordinary measures are taken to ‘filter’ these ‘duplicate requirements’ out of the inbound EDI.
Rapidly-Changing Daily Ship Schedules
Sometimes, Ship Schedules can change hourly. Some Trading Partners in Automotive may require all Suppliers to not only process EDI to manage Requirements but also have someone sit at a computer and log into a separate system at the Trading Partner to find what has just changed within the last hour or more recently, and then manually adjust accordingly.
If the order volume is significantly high, this ‘two-system’ method can severely tax a Supplier’s staff and systems.
Advance Shipping Notification (ASN) Mistakes
An ASN mistake can be catastrophic to a Supplier’s Monthly Performance Rating. For some Trading Partners, each such mistake can cost 5 points out of 100 points on that rating. If a Supplier’s rating dips below 80 points, the Trading Partner may place the Supplier on a ‘Probation’ list, and if the rating is in that state for 3 months in a row, the Trading Partner may have the contractual right to Suspend all business with the Supplier pending a documented Process Improvement document being agreed to by both parties.
Because of this, most Automotive Suppliers’ EDI/IT staff tend to keep longer working hours and be ‘on call’ to immediately find and rectify any mistakes within a very short time (sometimes within 30 minutes or less).
Pay on Receipt (aka ‘ERS’ evaluated-receipt-settlement) Tracking
Typical Automotive Trading Partners may refuse to use either EDI- or Paper-based Invoices. They consider them unnecessary. Instead, they will insist on an agreement with all approved Suppliers wherein the Supplier makes the required Shipments, sends the required ASNs, the goods are physically received at the Trading Partner, and then the shipment is cross-checked with the received ASN. The Trading Partner will then issue payment periodically that accounts for the Received Shipments.
The Supplier is then responsible to ensure that all Shipments have been balanced on the General Ledger’s Accounts Receivable with payments received.
Regulatory Procedures and Requirements
This is a very broad category of pain points. So, for the sake of simplicity, I’ve broken it down into three main areas of focus:
Domestic regulations
Export and international regulations
Future pain points
Domestic Regulations
Typically imposed by specific Automotive Trading Partners, to enable tight controls on product quality. Some Trading Partners will, for instance, insist that a Supplier completely re-submit Part Approval paperwork if even the slightest change is made in the manufacturing process. For example…a machine tool that is wearing out is replaced with a newer model…the PPAP documentation must all be re-done before shipping ANY product created by the new machine tool.
In today’s litigious environment, any manufactured Part that ultimately flies travels the roads or the rails, or is involved in anything that the Public uses, could be called into question in the unfortunate case if someone gets hurt in any way. Therefore, EDI gets included in the efforts to literally ‘keep track of everything in perpetuity.’
Export / International Regulations
Dual-Use Goods. If a given manufactured/purchased Part Number could be used in both a civilian as well as a military setting, then just about every country worldwide is going to want some measure of control over shipping that Part to certain other areas of the world.
Export Licensing then becomes the method by which permission is requested and granted for said shipments of that Part. Keeping track of all such Export licenses on all paperwork and EDI becomes a significant task.
Automotive is a worldwide market. All major Automotive companies have operations around the world or are trying to set those up. EDI in this environment gains more attention with the wide variety of Governmental agencies, even to the extent of mandating how long all Trading Partners might need to keep archival copies for future legal proceedings.
Future Pain Points
If one uses the time over the last 50-70 years as a guide, then we would fully expect EDI to gain prominence in aiding, documenting, and alleviating future difficult circumstances (i.e…’ pain’), just like it has ever since being developed back around 1945 by the Automotive companies as a way to streamline the processes and lower everyone’s costs and errors.
Automotive Supplier Pain Points Resolved
These issues don’t have to be the bane of doing business in the automotive market. Encompass is equipped with the tools and staff to ensure you can accommodate these activities and deliver on your trading partner’s expectations.
For more information on Encompass and our EDI services, reach out using the contact us button below.
Encompass Solutions is a business and software consulting firm that specializes in ERP systems, EDI, and Managed Services support for Manufacturers. Serving small and medium-sized businesses since 2001, Encompass modernizes operations and automates processes for hundreds of customers across the globe. Whether undertaking full-scale implementation, integration, or renovation of existing systems, Encompass provides a specialized approach to every client’s needs. By identifying customer requirements and addressing them with the right solutions, we ensure our clients are equipped to match the pace of the Industry.
Suppliers to the automotive industry are faced with a unique environment. To stay competitive, an automotive supplier must react to a complicated and ever-changing set of rules developed by the customer. These rules describe the exact methods that move product and order information through the supply chain. Automakers reach out and touch their suppliers at a moment’s notice to broadcast these mandates and changes in demand. Encompass EDI Consultants have deep experience with the unique set of Automotive EDI challenges faced by suppliers, including Regulatory, Logistics, and ‘Release Accounting’.
Unique Aspects of Automotive EDI
This concept is captured by the term ‘Release Accounting’ and is what sets the automotive industry apart from any other concerning EDI.
A supplier’s ability to manage the ‘Release Accounting’ process plays a key role in determining whether they can respond to customer changes rapidly and profitably. Those who have automated and integrated the ‘Release Accounting’ methods are well positioned for growth in the supplier community. They also report an increase in supplier ratings.
General Manufacturing rarely faces the same challenges.
Automotive EDI ‘Release Accounting’
Automotive EDI uses a radically different Order model compared to General Manufacturing (aka ‘Release Accounting’). The unique set of EDI transaction documents leveraged by this order model as well as associated activities include:
Weekly 830/BELFOR Forecasts
Daily 862/DELJIT Daily Ship Schedules
No, or Infrequent, 850/Orders Discrete PO’s
Order Releases managed using ACCUM-Shipped-to-Date totals
ACCUMs reset to zero annually
Releases frequently stated using ACCUM numbers, instead of Discrete QTYs
Responsibility to maintain and reconcile ACCUMs is on the Supplier
EDI 856/DESADV Advance Ship Notices (ASNs) are critical to the Supplier’s Monthly Performance Rating
Accuracy mistakes cost several points for each instance
Timing … typically the ASN must be sent and received within 20-30 minutes after the truck departs. If not, that’s also a mistake that costs points
Invoicing
No EDI or Paper Invoices
Instead, Invoicing is done using Pay-On-Receipt or ERS (Evaluated Receipt Settlement)
Use of KanBan / Just-In-Time (JIT) Releases
Kanban Numbers need to be received, stored, and returned on ASNs
Kanban Numbers typically mean more frequent changes to individual Releases
Releases
(similar to General Manufacturing) FIRM, UNFIRM, Planning Types
Use of Authorization Limits for FAB, RAW limits
This governs the reimbursement level for cancellations
The Role of ERP in Addressing Automotive EDI challenges
Electronic Data Interchange (EDI) and electronic commerce play an integral part in ‘Release Accounting’. Yet translating the EDI document into human-readable form is just the beginning. How the data is used and understanding how these unique requirements should be processed, is the essence of ‘Release Accounting’.
Every ERP System, which purports to accommodate ‘Release Accounting’ either has an internally-developed module (usually separate from the main system modules) or has developed a relationship with a 3rd-Party.
It is this 3rd-Party relationship where Encompass has a deep experience base and can help customers select the optimum methods, configurations, and integration to best align with a supplier’s business needs.
For more information on Encompass’ EDI services and Entrust EDI solution, reach out using the ‘Contact Us button below.
Encompass Solutions is a business and software consulting firm that specializes in ERP systems, EDI, and Managed Services support for Manufacturers. Serving small and medium-sized businesses since 2001, Encompass modernizes operations and automates processes for hundreds of customers across the globe. Whether undertaking full-scale implementation, integration, or renovation of existing systems, Encompass provides a specialized approach to every client’s needs. By identifying customer requirements and addressing them with the right solutions, we ensure our clients are equipped to match the pace of the Industry.
Epicor has released numerous feature enhancements, bug fixes, and improvements. Below is a breakdown of each of those release updates that Epicor users can leverage as part of this Epicor Financial Management tool.
Improvements and Feature Enhancements
Improved Speed on Copy Paste from Excel
The speed for copy-pasting from Excel to spreadsheets took longer for select users. The speed for performing copy paste has therefore been significantly improved.
Improved Value formatting for Journal Entry lines
Value formatting for journal entry lines has been improved for an enhanced user experience.
The improved Load speed of Organization & Workflow
For select users, loading organization & workflow took a few minutes. We have improved the load speed of the organization & workflow to aid in a faster way of working.
Default measure automatically set for New Calculation
This was an enhancement request by some EFP subscribers where the default measure must always be automatically set for the new calculation to avoid delays in starting new calculations.
Bug Fixes
Sums not shown in drill down
Sums are now shown correctly in drill down.
Adding a new account to the input sheet
For select users, Adding Account was disabled in input sheets. This has now been fixed and the addition of accounts works as it should.
Can ́t post when the difference is zero
For select instances, the posting was disabled when the difference was zero. This has now been fixed.
Workflow & Assignment level & data access scroll issue
For select instances, there were scroll and data access issues in the assignment and workflow part. The scroll bar has now been fixed to work as it should.
Missing values in variable margin bar line widget
The dashboard chart has been fixed and now shows the correct values.
For more information on this Epicor Financial Planner product release or other Epicor Kinetic Financial Management tools, reach out to Encompass using the Contact Us button below.
Encompass Solutions is a business and software consulting firm that specializes in ERP systems, EDI, and Managed Services support for Manufacturers. Serving small and medium-sized businesses since 2001, Encompass modernizes operations and automates processes for hundreds of customers across the globe. Whether undertaking full-scale implementation, integration, or renovation of existing systems, Encompass provides a specialized approach to every client’s needs. By identifying customer requirements and addressing them with the right solutions, we ensure our clients are equipped to match the pace of the Industry.
Epicor Insights 2022 will be taking place in Nashville, Tennessee at the Gaylord Opryland Resort and Convention Center from May 23 to May 26, 2022. The full agenda, along with extended education classes, for Insights will be released in early 2022. Below is the schedule at-a-glance so you can plan your trip to Nashville!
Sunday, May 22: Extended Education
Monday, May 23: Extended Education & Welcome Reception
Wednesday, May 25: Guest Speaker Keynote, Breakout Sessions, Evening Party
Thursday, May 26: Breakout Sessions
Epicor Insights Registration
Insights attendance is limited to current Epicor customers, authorized partners, and guests only. Early-bird discounts are available for a limited time.
Be sure to book before Wednesday, April 20, 2022, to secure your discounted rate!
Discounted room rate at the Gaylord is $219.00 plus a daily resort fee of $20.00 and any applicable taxes and fees
A Daily Resort Fee of $20 plus applicable taxes will be added to each guest room. The daily resort fee includes:
High-speed in-room wireless internet access
Unlimited local and domestic long-distance calls
Daily scheduled shuttle service to Grand Ole Opry House, Opry Mills, General Jackson Showboat & The Inn at Opryland
Fitness Center access
Bottled water (2 daily) replenished once daily with housekeeping service
Daily credit of up to $10 per room towards dry cleaning (credit not cumulative through stay)
Gaylord Springs Golf Links practice range access, a daily bucket of balls, and shuttle
Wildhorse Saloon cover charge for up to 4 guests (some restrictions may apply)
Opry Mills Savings Passport worth hundreds of dollars in savings
*Please note that Insights attendance is limited to current Epicor customers, authorized partners, and guests only. Full conference registration includes all conference sessions, access to the Solutions Pavilion, meals, and evening events. All conference sessions and meals will take place at the Gaylord Opryland Resort & Convention Center.
Encompass Solutions is a business and software consulting firm that specializes in ERP systems, EDI, and Managed Services support for Manufacturers. Serving small and medium-sized businesses since 2001, Encompass modernizes operations and automates processes for hundreds of customers across the globe. Whether undertaking full-scale implementation, integration, or renovation of existing systems, Encompass provides a specialized approach to every client’s needs. By identifying customer requirements and addressing them with the right solutions, we ensure our clients are equipped to match the pace of the Industry.
Avalara will stop providing support for TLS versions 1.0 and 1.1. To ensure a seamless and secure experience, Avalara will only support only TLS 1.2 moving forward. Read on for details regarding system vulnerabilities and important dates relating to the changes in support.
What is TLS?
Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. TLS is the successor to the now deprecated Secure Sockets Layer (SSL) as a means of securing data exchanged between parties online.
Like every other software in use today, regular updates ensure its viability and mitigation of vulnerabilities in the face of nefarious actors. The most current version of the technology is TLS 1.2.
Disabling TLS 1.0 and TLS 1.1 is a prevalent industry approach as documented in the below NSA datasheet. This is a communication protocol that many technical specialists are familiar with, so the rationale behind Avalara disabling these versions should not come as a surprise to customers and should be expected.
For additional context please see the National Security Agency’s (NSA) Cybersecurity Information datasheet.
Avalara TLS 1.2 Service Changes
Effective 15 December 2021, Avalara will support only the secure Transport Layer Security (TLS) 1.2 connection in Sandbox accounts. All Avalara AvaTax for Communications SaaS REST and SOAP customers, Geo customers, and SaaS Standard customers must upgrade their Sandbox accounts from TLS 1.0 and TLS 1.1 to TLS 1.2 before 15 December 2021. Failing to upgrade will affect the access and connection to your Avalara account.
Effective 15 January 2022, Avalara will support only the secure Transport Layer Security (TLS) 1.2 connection in Production accounts. All Avalara AvaTax for Communications SaaS REST and SOAP customers, Geo customers, and SaaS Standard customers must upgrade their Production accounts from TLS 1.0 and TLS 1.1 to TLS 1.2 before 15 January 2022. Failing to upgrade will affect the access and connection to your Avalara account.
Important Dates for Avalara TLS 1.2 Cutover
As Avalara continues to improve our security protocols, we will no longer support TLS 1.0 and 1.1 in our REST v2 API as of March 30, 2022. Continued use of TLS 1.0 and 1.1 poses a security risk, and these protocols will no longer be supported.
Clients using these versions are expected to upgrade to support our new standards of TLS 1.2.
This deprecation will affect non-browser software, APIs, and other internet infrastructure, so partners and customers who are not yet using TLS 1.2 should plan accordingly.
This change will take effect in our REST v2 API on the following dates:
Sandbox: Feb 1, 2022
Production: March 30, 2022
What Do You Need to Do as an Avalara User?
Avalara’s connectors are equipped to auto-negotiate using TLS. You don’t need to change anything in your systems to use a TLS connector.
NOTE: Apple, Google, Microsoft, and Mozilla will disable Transport Layer Security (TLS) 1.0 and 1.1 support in their respective browsers in the first half of 2020.
The primary AvaTax endpoint supports TLS 1.2, 1.1, and 1.0 (1.1 and 1.0 until deprecation in the first half of 2020).
If your connector supports TLS 1.2 they should be able to negotiate over security protocol without any issues. Please use TLS 1.2 as your default.
What happens on March 31, 2022?
Avalara will discontinue support for Transport Layer Security (TLS) versions 1.0 and 1.1 on our Production RESTv2 API endpoint on 3/31/2022.
What about the older SOAP and RESTv1 API endpoints?
Avalara will continue to support TLS 1.0 and 1.1 in SOAP and REST v1 endpoints until 12/31/22. It is strongly recommended that partners still use these legacy APIs and refactor to Avalara’s REST v2 API as soon as possible. To assist with this transition, Avalara has published a Refactor Guide to provide details on moving existing supported software to Avalara’s RESTv2 API.
The general customer communication was sent out on 1/6/22, and the information is posted here.
If you have any questions or concerns regarding this update, please submit a Partner Support Case using the following process:
If you have access to an AvaTax account, please follow these instructions. Enter “Partner support” and a description of the Subject.
Don’t have access to an AvaTax account?Submit a case here.Include ‘Partner support’ in the ‘What issue are you experiencing?’ field. (Important:Leave the field “Which product are you using” as “None.”)
Avalara has identified the most at-risk partner integrations running on legacy SOAP APIs and SDKs and will be reaching out to impacted partners with specific recommendations to get these integrations TLS 1.2-compliant.
In support of the technical specialists receiving this correspondence please see the table below, which provides SDK-specific details.
SDK Language / Framework
Minimum Client Version for TLS 1.2 Support
Notes
Current SDK TLS 1.2 Status
C# .NET
Preferred .NET framework >= 4.7 (TLS 1.2 is default)
Supported in 4.6.2, 4.6.1, and 4.5 with service updates, but 1.1 is the default.
Preferred .NET standard version > 2.0.(TLS 1.2 is the default) Supported in .NET standard version 1.6 and 2.0 (TLS 1.1 is the default)
Node12 recommended. It supports OpenSSL 1.1.1, which supports TLS 1.2. Node12 also supports TLS 1.3 and will be maintained until 2022.
Node12 and above recommended (EOL 04/2022)
SUPPORTED
Python
Behavior for Python 2.7 and 3. x is platform-dependent since calls are made to the operating system socket APIs. Both Python versions default to the highest available TLS versions. The installed version of OpenSSL may also cause variations in behavior. For example, TLSv1.1 and TLSv1.2 come with OpenSSL version 1.0.1. Recommended v3.6+, minimum 2.7.
The python community has rejected <TLS 1.2 for several years. Developers must update to TLS 1.2+ compatible versions to download/update python packages from PyPI. It’s possible to enforce TLS1.2+ connects by modifying the request package.
Recommended v3.6+
Recommended OpenSSL version 1.0.1 or higher
SUPPORTED
PHP
Depends on curl & OpenSSL (v1.0.1) version of the system. OpenSSL v1.0.1 and above support TLS 1.2. Recommended PHP 5.6+. It uses CURL for making API calls and supports CURL version 7.34.0, which has default support for TLS 1.2. PHP 5.5.19 appears to be the min version. PHP 5.7 defaults to TLS 1.3.
Recommended PHP 5.6+
Recommended OpenSSL version 1.0.1 or higher
Recommended cURL version 7.34.0 or higher
SUPPORTED
Ruby
Depends on curl & OpenSSL (v1.0.1) version of the system. OpenSSL v1.0.1 and above support TLS 1.2. Ruby 2+, ensure the version of OpenSSL is 1.0.2 or greater, which supports TLS 1.2. The Ruby version is not strictly enforced currently.
Recommended Ruby 2+
Recommended OpenSSL version 1.0.1 or higher
Recommended cURL version 7.34.0 or higher
SUPPORTED
As a certified Avalara integration partner, Encompass can help you manage the maintenance of your Avalara solution and unique business processes. For more information on our partner Avalara and Encompass support services, reach out using the contact us button below.
Encompass Solutions is a business and software consulting firm that specializes in ERP systems, EDI, and Managed Services support for Manufacturers. Serving small and medium-sized businesses since 2001, Encompass modernizes operations and automates processes for hundreds of customers across the globe. Whether undertaking full-scale implementation, integration, or renovation of existing systems, Encompass provides a specialized approach to every client’s needs. By identifying customer requirements and addressing them with the right solutions, we ensure our clients are equipped to match the pace of the Industry.
Technology and business worlds are awash with talk of the latest security vulnerability posing a threat to enterprises of every size, Log4j. Learn more about the exploit and how it impacts Epicor users.
What is Log4j?
Log4j is a logging utility library for Java, and it has a zero-day exploit that allows for remote code execution. Meaning, This bug affects applications using Java and allows malicious actors to execute external code within the application resulting in a potential takeover of the software.
How does it affect Epicor Users?
Epicor Kinetic (formerly Epicor ERP) from version 10. X onward is built using a C#/.Net framework, PHP, and MS SQL database. It does not leverage Log4j among its dependencies. However, earlier iterations of Epicor software, such as Vantage 8, did employ Java app servers and may include Log4J dependencies.
Log4j may impact third-party solutions that leverage Java, such as ECM (DocStar). Those running on-premise deployments of Epicor Kinetic ERP need to upgrade to the latest version to be fully protected. All the more reason to remain current on the latest version of Kinetic and ensure your business minimizes such vulnerabilities.
Software security vulnerabilities are emerging more frequently among globally used technologies. It’s important to bear in mind that private groups tasked with countering security risks for businesses have a more difficult time managing such widespread system vulnerabilities when compared to vendor-administered SaaS models. In the case of the latter, vendors can push out patches and updates to a multitude of users concurrently. The control of configuration that on-premise deployment provides, while useful in customizing a system to the business’s specific needs, presents a precarious set of conditions in today’s modern technological landscape. On-premise users will do well to invest in InfoSec moving forward to ensure their systems remain as protected as possible.
If that investment is not one a business is willing to take on, upgrading to the cloudmay be in that business’ best interest.
What is Epicor doing to address the Log4j Vulnerability?
Epicor is actively responding to the reported remote code execution vulnerability in the Apache Log4j 2 Java library. All Epicor cloud products that use Log4j have been remediated, and there is no additional action required of customers. If you operate Epicor products on-premises, please log in to EpicCare to access knowledge base articles that provide remediation instructions for each affected product. Epicor will continually publish information on Log4j to help customers address any vulnerabilities.
“Fortunately, we use PHP and not Java, so this zero-day exploit will not affect us or our customers. That said, Java is a very popular language and if your company uses Java or Java frameworks (eg. Java Spring), you should check in to make sure the Log4j library is updated, if in use, to protect against malicious hackers that will exploit this.” – Rich Murr, Chief Information Officer, Epicor Software Corporation
If Encompass can assist in any way with protecting your Epicor on-premise installation, please don’t hesitate to reach out.
Encompass Solutions is a business and software consulting firm that specializes in ERP systems, EDI, and Managed Services support for Manufacturers. Serving small and medium-sized businesses since 2001, Encompass modernizes operations and automates processes for hundreds of customers across the globe. Whether undertaking full-scale implementation, integration, or renovation of existing systems, Encompass provides a specialized approach to every client’s needs. By identifying customer requirements and addressing them with the right solutions, we ensure our clients are equipped to match the pace of the Industry.
