Mitigating Risk With Maintenance

For many organizations, implementing an ERP solution is an expensive and time-consuming project. But work on the system should not stop after go-live. As with any piece of equipment, the efficiency of an ERP system will probably face issues or could possibly decline over time.

Spring is in the air, and for many of us that means turning our attention to maintenance chores we otherwise put off. For me that means taking my car for an overdue oil change.

Let’s take a closer look at the cars we drive. The average cost of a vehicle is about $34,342, and the average cost of maintenance for that new car is almost $1,200 per year. Most drivers consider routine vehicle maintenance to be a matter of safety, considering we spend almost 300 hours behind the wheel every year.

Now turn from the investments you make in your vehicle to the one your company has in its Enterprise Resource Planning (ERP) solution. The costs of implementing an ERP vary depending on several factors, such as deployment option, number of users and customizations. For those companies that select an on-premise deployment, annual support and maintenance costs add to the total cost of implementation. The industry average for maintenance is 15-20 percent of the software licensing cost. When it’s time for budget reviews, this maintenance cost is sometimes a line item that is questioned: Is it really necessary? We have been using the software for seven years and it continues to work fine. What value does the company gain from maintenance? We hardly ever have to call support.

Keeping Current to Stay Competitive

For many organizations, implementing an ERP solution is an expensive and time-consuming project, but work on the system should not stop after go-live. As with any piece of equipment, the efficiency of an ERP system will probably face issues or could possibly decline over time. A maintenance contract ensures your company has access to service packs and hotfixes, as well as upgrades. Just as you wouldn’t consider skipping oil changes, you should not forego periodic updates to your core business applications.

Not only is the software impacted by maintenance, but the hardware may be as well. Servers often require updates to ensure the software continues to be compatible. Servers may have to be replaced, which would require access to a license key to transfer software. Without maintenance, your operation could become “stuck” in its processes; as business needs change, your system may not be able to change with them. Such misalignment may accelerate the need to replace the ERP system, which could perhaps exceed any savings achieved by cancelling maintenance.

Without ongoing maintenance, the system may become inefficient, leading to frustration among the users. This frustration causes employees to resort to a variety of workarounds outside of standard processes, often offsetting the annual maintenance cost. An ERP system is a significant investment for many organizations, and any regression has a negative impact on the return on investment and undermines the anticipated business benefits.  

What about new regulations, which may require updates to the ERP system for compliance? Without support, the additional costs to comply via customizations and workarounds could far outweigh the annual maintenance cost, not to mention the potential risk and cost of non-compliance.

Protecting the System of Record

Outdated solutions also put your company at risk for security issues. Cybercriminals are shifting their targets from individuals to businesses large and small. ERP systems are likely targets, as they often serve as the technological backbone, a single source of truth. Vendor-delivered security patches are a part of most maintenance contracts and going without could leave your critical data vulnerable to cyberattacks.

Many who argue for cancelling maintenance point out that many of these patches are for obscure security gaps that have been in place for some time. To that argument, I point to the WannaCry ransomware attack that crippled more than 230,000 computers in May 2017. WannaCry exploited a weakness in the Windows implementation of the Server Message Block (SMB) protocol. Despite its known faults, this protocol is still prevalent on many business computers. Microsoft had introduced a security patch to address the vulnerability in March 2017, but many organizations had not yet installed it when WannaCry began to spread. Organizations must be vigilant in the application of security patches to protect the information that flows through its systems. Cybercriminals will capitalize on any and all gaps they can; assuming that obscure security gaps won’t be exploited is unwise. 

Unlocking Full Capability of Users

Not only is maintenance important for system security, but it is also important as it combats the “forgetting curve.” In 1885, German psychologist Hermann Ebbinghaus introduced the forgetting curve, and subsequent studies have proven that learning is lost over time when there is no attempt to preserve it. Taking time at occasional intervals to reexamine information greatly decreases the effects of the forgetting curve. Your maintenance agreement provides a way for your organization to combat this loss of knowledge. 

Regular use of a system builds expertise, but it can also lead to application erosion — where the user may forget the full scope of what the system can do, or users change roles in the organization and new users fill their space. New users are typically trained by the prior user, and the effects of the forgetting curve trickles down to the new user, who is not thoroughly trained. 

In a similar manner, as business needs change, employees may need additional training on previously unused features and functionality to meet those needs. Maintenance is the avenue to this valuable learning, providing access to support personnel, as well as webinars and training manuals.   

Another benefit of maintenance is the connection to the user community. Many software vendors hold customer conferences or have online forums, where users can share best practices and learn about the latest functionality from each other and product experts. Your ERP reflects your unique business processes, and as you adapt the system to meet your needs, it could be helpful to solicit advice on how to improve your workflows. Peers within your industry can offer guidance and lessons learned from their own experiences.

Balancing Risks and Rewards

Most people trade cars every seven years, so the average driver spends 24 percent of the cost of a vehicle on routine maintenance. The average lifespan of an ERP system is 10-15 years with a lower average maintenance expense. While the comparison is not an even one, it gives us some food for thought. 

Many manufacturers, especially those in food and beverage, operate on narrow margins. Reducing costs is one of the reasons why many companies implement ERP. Improving productivity and consistently operating at peak performance are benefits gained. Even though maintenance seems to be an easy expense to question, such a move could erode the full scope of those potential gains. Cancelling maintenance of that core business application should not be another cost-cutting avenue. The risks of undercutting your production gains outweigh the small financial reward.

Jack Payne is VP, Product Management & Solutions Consulting for Aptean

More in Software