I was happy to see that salesforce is making strides to make their system more interoperable with legacy (on-site) applications and Salesforce Lighting and oData are good steps in that direction. My experience has been that there are usually concerns that are raised by either SAP BASIS personnel or from the Security team to allow for unrestricted access to the SAP system.
Depending upon the level of security at each company and the focus on how much access a company is willing to give to a specific integration project will determine how much flexibility will be given to the salesforce business users. Remember CIO’s never were fired because of too much security… I suspect the CIO’s and the Security teams of hacked companies have a lot of explaining to do about their security policies!
Generally there are several common sense approaches that can help with giving the business units a 360 degree of integration for their department without compromises to security. Remember the use of oData and Lighting gives access to an ERP system that was previously controlled exclusively by the Security teams of those ERP systems! You have to consider their point of view when attempting to access ERP data! After all its going to be their “head” that will roll of there is a security breach!
There are several common sense approaches that can be used to limit a company’s exposure potential security vulnerabilities…. But that a discussion for another post! I be curious to hear your comments on how security is handled at your organization! No Names Please :)