Oops I did it again: Placing blame on ERP data security failures
Last week there was story about a newly hired junior developer who managed to accidently delete their company's production database. The developer was setting up their environment and instead of entering a URL/User Name/Password specific to them, they used the example in the documentation which was tied to production. This overwrote the production database with test data. Apparently, the backups weren't restoring either. The junior developer was fired. You can read more of the story here.
Don't think that this can only happen with developers. I've seen plenty of cases where users with excessive ERP access accidently deleted data. Wiping out something like vendors or receivable data can ruin a career. There are lots of lessons here. A few that stand out for me are: