W-Systems joins SugarCRM! Read Blog

Top 5 Expert Tips on Keeping Sugar Secure

by Mihaela Bulacu on October 31, 2019

7 minute read

October is National Cybersecurity Awareness Month, and in 2019, we’ve learned many new things about cybercrime, digital threats, and data breaches.

The most important thing we learn every day is that the Internet is a dangerous place, and taking good care of your online accounts and assets is essential to ensure you are safe. Due to the number of businesses that are moving to the cloud environment, the number of data breaches has been increasing exponentially. As a result, the cost of combating cybercrime is continuously growing, in the hope of making the Internet a safer place for all of us.

But fear not, there’s still hope! As Sugar implementation experts, W-Systems has worked with hundreds of organizations to ensure they have a safe and secure CRM environment. With that in mind, I interviewed our DevOps team to find out their advice on keeping Sugar instances safe and running smoothly. Here are their top CRM security tips and tricks.

Learn our tips on improving your SugarCRM security

1. Always Keep Your Sugar Instance Updated

Keep your Sugar instance updated with the latest security patches as SugarCRM regularly checks for vulnerabilities in their software.

SugarCRM releases new Sugar versions for security fixes, which you can get through the upgrade process. However, if upgrading is not an option for you at the time, you can request the security fixes in a Module Loader installable package form.

2. Disable Software Stack/Services Advertising

Knowing what technology your software is running on and what versions of the software you’re using is a shortcut for attackers to exploit particular weaknesses—especially if your software stack is not up-to-date.

For extra security, the Apache and PHP versions your Sugar instance is running on should be the very first to hide from prying eyes. See Hide Apache Web Server Version and Hide PHP Version for more information.

3. Keep the Number of Admin Users at a Minimum

Admins can load custom (and possibly rogue) code; a compromised or inexperienced admin user account could result in a lot more headaches than a regular user who has gotten their login credentials stolen.

That being said, some of your users may need elevated privileges to be able to change Languages or Studio. You could leverage Sugar’s “Admin” and “Developer” role features to allow Power Users to perform more administrative tasks, without explicitly making them an administrator. You should also immediately disable accounts of employees who are no longer at your company—especially if you haven’t parted ways in the friendliest of terms!

User Type in SugarCRM

4. Use a VPN

Putting your SugarCRM instance behind a VPN (Virtual Private Network) can add a powerful layer of security between your business and potential attackers. The best security is still just not being able to get to the resource. 

If for any reason using a VPN is out of the question, you should at least make sure that any of your internal software stack services are not exposed to the public. (eg. SSH, MySQL, ElasticSearch, etc).


5. Choose a Security-Conscious SugarCRM Partner (like W-Systems!)

Your Sugar instance’s security can be as strong as your implementation partner’s. If you’re an existing customer or are looking to adopt Sugar, make sure to ask your SugarCRM Partner about their security practices, both from a service stack point of view and from a software development point of view.

Paul Candela

The nature of complex software means that all systems have inherent vulnerabilities. The best way to secure any system is by layering security. This is also true with SugarCRM. From how you set your password to the number of admins of your system, adding layers enhances the security of your system. However, compared to other CRM tools out there, Sugar is a tad more secure from one perspective: it’s also available for On-Premise deployment, which enables you to add extra layers of security, such as VPN or IP Address Filtering. Software vendors who pride themselves on exclusively cloud-only deployment options host more content and therefore represent a more tempting target. This puts them at a higher risk of exposing customer data.

Paul Candela, Director of Technology, W-Systems

If you would like to learn more about W-Systems security measures and protocols for Sugar customers, reach out to your W-Systems rep or contact us if you are interested in Sugar as your CRM.

Cybercrime Facts & Data

If the tips above seem too much of a hassle for your business, remember that cybercrime is an expensive matter. Here is how expensive exactly it is to overlook your business accounts’ security.

  • Data breaches cost the US a staggering sum of USD 8.19 million
  • On average, the total cost of a data breach is about 3.92 million.
  • The industry which is the most affected by data breaches, is the healthcare industry, with an average cost of USD 6.45 million.
  • By the end of 2019, the global cost of cybercrime will exceed USD 2 billion.
  • 7 in 10 organizations are poorly prepared to prevent or respond to a cyber attack.

Cybersecurity is the number one priority of businesses today. According to this 2018 AT&T Cybersecurity Report, 82% of the organizations interviewed place improving cybersecurity as their number one priority, seconded by improving customer experience (SugarCRM has your back on this one, fear not!), with 81% of the respondents, and 75% improving sales and marketing analytics.

We may not have a fail-proof recipe to help you keep everything online safe and sound - especially in this day and time - but our experts’ advice will help you take better care of your Sugar, one step at a time. After all, you’ve seen it; leaving cybersecurity to chance is a risky move, no matter how big or small your organization is. 

If you would like a Sugar security audit, don’t hesitate to contact us at any time.