Any feature-rich, connected software has security flaws. This is an undeniable fact. The question is not how to eliminate every potential security risk, but how to find the balance between security and convenience: allowing an organisation to function effectively while maintaining an appropriate level of security.

Scope of risk

If the business systems and the website are fully separated, with periodic or off-line data synchronisation, the scope of risk is reduced. However, customer, product and order data are still at the front line and need to be secure. The downside of this set-up is that it may require information to be entered manually, complex intermediary systems, and a lack of real-time data. For the modern business, this is not convenient. Security therefore comes at a cost to operational efficiency.

Every business needs to find its least uncomfortable position when striking the balance between convenience and security.

This may sound scary, but when you connect your business system to the outside world, the scope of risk now includes your balance sheet and P&L, employee data, bank and cash details and other private information. Having said this, you could already have this weakness due to poorly implemented networking infrastructure.

Solutions

Traditionally, when we have created cloud-based business applications, we have used various mechanisms to keep them secure. One example is the use of client-side certificates, which prevent anyone from accessing a web-based system without a valid certificate installed in their web browser. The certificate can only be issued by the administrator, can be revoked if a computer is compromised, and is supplemented with user names and passwords. However, client certificates are often unsuitable for smaller projects, as quite a bit of effort is needed to set them up and to keep issuing and revoking them.

If the service is to be accessed from pre-defined locations, VPNs (Virtual Private Networks) can be used to access your application from known sites, for example, your office or home.

Web servers can be locked down to allow access to certain URLs only from certain locations and, when matched with monitoring applications, can give early warning if a visitor starts to behave in an out-of-the-ordinary way.
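The sketch below illustrates the location-based lockdown and monitoring described above. It is an added example, not code from Odoo or OpusVL: it checks access-log lines against a per-URL allow-list of source networks and reports clients that repeatedly request restricted URLs from outside the permitted locations. The URL prefixes, address ranges, log format and threshold are all constructed assumptions.

```python
import ipaddress

# Hypothetical policy: URL prefix -> networks allowed to reach it.
# Prefixes and address ranges are constructed for illustration.
POLICY = {
    "/admin": ["203.0.113.0/24"],                        # office range only
    "/reports": ["203.0.113.0/24", "198.51.100.7/32"],   # office plus one home address
}

# Constructed access-log lines: "<client ip> <method> <path> <status>"
SAMPLE_LOG = """\
203.0.113.10 GET /admin/users 200
192.0.2.55 GET /admin/users 403
198.51.100.7 GET /reports/q1 200
192.0.2.55 POST /admin/settings 403
192.0.2.55 GET /shop/cart 200
198.51.100.7 GET /admin/users 403
"""

def allowed(ip, path, policy=POLICY):
    """True if the path is unrestricted, or the client address lies in a
    network permitted for the longest matching restricted prefix."""
    addr = ipaddress.ip_address(ip)
    # Match whole path segments so "/administrator" is not treated as "/admin".
    matches = [p for p in policy if path == p or path.startswith(p + "/")]
    if not matches:
        return True
    prefix = max(matches, key=len)
    return any(addr in ipaddress.ip_network(net) for net in policy[prefix])

def out_of_policy(log_text, threshold=2, policy=POLICY):
    """Return {ip: [paths]} for clients with at least `threshold`
    requests to restricted URLs from outside the permitted networks."""
    hits = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines rather than guess at fields
        ip, _method, path, _status = parts
        try:
            if not allowed(ip, path, policy):
                hits.setdefault(ip, []).append(path)
        except ValueError:
            continue  # first field was not a valid IP address
    return {ip: paths for ip, paths in hits.items() if len(paths) >= threshold}

if __name__ == "__main__":
    for ip, paths in out_of_policy(SAMPLE_LOG).items():
        print(f"ALERT {ip}: {len(paths)} out-of-policy requests: {paths}")
```

The threshold keeps a single mistyped URL from raising an alert; lowering it to 1 reports every out-of-policy request.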

These mitigate many issues, but still do not address the core fact that if the software has a design flaw, you want to find out about it before someone less responsible does.

What we found inside Odoo

Our developers spend a lot of time with the Odoo code every week. Due to their experience, they were able to identify areas of code that could be at risk and investigate further. Our team alerted Odoo to the following risks:

  • An administrator could break out of the application and access the underlying server OS
  • A user could access another user's data after having brief physical access to their computer
  • Hostile code could be saved into a form field and executed when another user views it

These security risks have now been successfully fixed.

Odoo validated the potential risks within a couple of days and, after detailed discussions, a patch was released to enterprise customers and partners. A public release with full details has been made on the Odoo code repository, along with announcements to the community mailing lists. This is an example of how Open Source code can be beneficial to ensuring the ongoing security of an application. It enables a community of developers to feed back their discoveries so that these may be promptly addressed.

Summary

Odoo is not immune from security vulnerabilities; equally, Open Source is not a magic bullet. However, both have significant advantages over proprietary software in both reducing and resolving issues as they arise.

OpusVL made the decision to develop solutions based on Open Source and Odoo for many reasons; the security benefits were a major factor in this decision. The more secure an application is, the less convenient it may be for its users. Every organisation should give thought to how to balance these requirements for its own individual needs.