openerp-community team mailing list archive

Thread
Date

Re: OpenERP CMS: How is server separation implemented?

To: "W. Martin Borgert" <debacle@xxxxxxxxxx>, Markus Schneider <markus.schneider@xxxxxxxxxx>
From: "Enapps :: Vadim Chobanu" <vadim@xxxxxxxxxxxx>
Date: Fri, 17 Jan 2014 17:37:18 -0000
Cc: Frederik Kramer <frederik.kramer@xxxxxxxxxx>, openerp-community@xxxxxxxxxxxxxxxxxxx, Fabien Pinckaers <fp@xxxxxxxxxxx>
In-reply-to: <20140117183320.24552f3194ze38tc@webmail.in-berlin.de>
Thread-index: Ac8TqjynIs11uPJDQa+MZkwtMAGLzwAAD7Ag

Total agreement here - today more than ever.
Regards,

Vadim



-----Original Message-----
From: Openerp-community
[mailto:openerp-community-bounces+vadim=enapps.co.uk@xxxxxxxxxxxxxxxxxxx]
On Behalf Of W. Martin Borgert
Sent: 17 January 2014 17:33
To: Markus Schneider
Cc: Frederik Kramer; openerp-community@xxxxxxxxxxxxxxxxxxx; Fabien
Pinckaers
Subject: Re: [Openerp-community] OpenERP CMS: How is server separation
implemented?

Quoting "Markus Schneider" <markus.schneider@xxxxxxxxxx>:
> No it is just A and B in one system. Security is always a matter, but
> if you are a eCommerce System than all your sensible customer data are
> also in shop system.

I can imagine a lot of ERP data, that is not necessary at all on a shop
system: Project management, employee directory, leave management, MRP,
recruitment process, expense management. In many companies, the system
with employee data has limited or no internet access. Privacy does matter,
today more than ever.

> General the problem on security comes from inside your company as well.
> So the idea to have erp system and internet seperated works only in a
> world without eCommerce, email and customer portals. I don't need this
> you are wrong with OpenERP ;)

Is the new strategy to go for Magento instead of giving SAP a run for
their money? :~) I hope, that the software will remain interesting to much
more users, than the eCommerce community only!

> This is not a failure of system but a human failure. I have no idea to
> prevent such problems but i interested to know what have OpenERP think
> about that problem.

To err is human :~) Sensitive data should only be on systems where it is
absolutely necessary. A public portal or eCommerce site is not the right
place for sensitive data. The right question is: Why was this data on that
system in the first place?

It probably would make more sense to have two stricly separated systems
with a well-defined import and export, that can be audited e.g. by the
companys data protection officer (Datenschutzbeauftragter).

Cheers


_______________________________________________
Mailing list: https://launchpad.net/~openerp-community
Post to     : openerp-community@xxxxxxxxxxxxxxxxxxx
Unsubscribe : https://launchpad.net/~openerp-community
More help   : https://help.launchpad.net/ListHelp

Follow ups

Re: OpenERP CMS: How is server separation implemented?
From: Nhomar Hernández, 2014-01-17
Re: OpenERP CMS: How is server separation implemented?
From: Houssine BAKKALI, 2014-01-17

References

OpenERP CMS & eCommerce
From: Fabien Pinckaers, 2014-01-11
OpenERP CMS: How is server separation implemented?
From: W. Martin Borgert, 2014-01-17
Re: OpenERP CMS: How is server separation implemented?
From: Markus Schneider, 2014-01-17
Re: OpenERP CMS: How is server separation implemented?
From: W. Martin Borgert, 2014-01-17