{"id":16679,"date":"2026-03-22T19:52:10","date_gmt":"2026-03-22T19:52:10","guid":{"rendered":"https:\/\/bluelotus360.com\/lk\/?p=16679"},"modified":"2026-04-22T19:53:01","modified_gmt":"2026-04-22T19:53:01","slug":"erp-security-for-smes","status":"publish","type":"post","link":"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/","title":{"rendered":"ERP Security for SMEs: Roles, Approvals, and Segregation of Duties"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_80 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"#\" data-href=\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#TLDR\" >TL;DR<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"#\" data-href=\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#ERP_security_is_really_about_control_not_just_IT\" >ERP security is really about control, not just IT<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"#\" data-href=\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#Why_this_matters_especially_for_Sri_Lankan_SMEs\" >Why this matters especially for Sri Lankan SMEs<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"#\" data-href=\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#1_Roles_start_with_least_privilege_not_full_access\" >1. Roles: start with least privilege, not full access<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"#\" data-href=\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#2_Approvals_not_every_action_should_post_immediately\" >2. Approvals: not every action should post immediately<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"#\" data-href=\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#3_Segregation_of_duties_one_person_should_not_control_the_full_transaction\" >3. Segregation of duties: one person should not control the full transaction<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"#\" data-href=\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#4_Finance_security_where_SoD_matters_most\" >4. Finance security: where SoD matters most<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"#\" data-href=\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#5_Inventory_security_just_as_important_as_finance\" >5. Inventory security: just as important as finance<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"#\" data-href=\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#6_Small_teams_still_need_controls\" >6. Small teams still need controls<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"#\" data-href=\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#7_Audit_trails_make_the_controls_visible\" >7. Audit trails make the controls visible<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"#\" data-href=\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#8_What_%E2%80%9Cgood%E2%80%9D_looks_like_for_an_SME\" >8. What \u201cgood\u201d looks like for an SME<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"#\" data-href=\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#Buyer_checklist\" >Buyer checklist<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"#\" data-href=\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#Final_thoughts\" >Final thoughts<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"TLDR\"><\/span><b>TL;DR<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">ERP security for SMEs is not mainly about firewalls or passwords. It is about making sure the right people can do the right things, and not too many things. In practice, that means role-based access, approval workflows, audit trails, and segregation of duties across finance, purchasing, and inventory. NIST defines least privilege as giving users only the minimum access needed for their tasks, and its current guidance says separation of duties reduces the risk of abuse of authorized privileges by dividing sensitive functions across different people or roles.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For Sri Lankan SMEs, this matters because many teams are lean. One person may handle purchasing, stock, invoicing, and even reconciliations. That is efficient until something goes wrong. Blue Lotus 360\u2019s Sri Lanka positioning already leans into the controls SMEs need here: secure cloud access, approval workflows, complete audit trails, real-time inventory integration, and warehouse traceability.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"ERP_security_is_really_about_control_not_just_IT\"><\/span><b>ERP security is really about control, not just IT<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">When SME owners hear \u201cERP security,\u201d they often think about cyber threats first.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">That matters, of course. But in day-to-day business, some of the biggest ERP risks are much simpler: the wrong person approving a purchase, the same user creating and posting a journal, a warehouse user adjusting stock without oversight, or a finance staff member having more access than their job actually requires. NIST\u2019s least-privilege guidance is clear that access privileges should be restricted to the minimum necessary to perform assigned tasks.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">So for SMEs, ERP security should be viewed as an operating control. It is about reducing mistakes, limiting misuse, and making sure sensitive actions leave a clear trail.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Why_this_matters_especially_for_Sri_Lankan_SMEs\"><\/span><b>Why this matters especially for Sri Lankan SMEs<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">In Sri Lankan businesses, especially growing SMEs, the challenge is rarely a lack of effort. It is usually a lack of separation.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A small team may rely on trusted staff doing multiple jobs. That works operationally, but it increases risk when finance, purchasing, stock handling, approvals, and reconciliations sit too closely together. Blue Lotus 360\u2019s Sri Lanka content reflects this reality well. Its accounting pages emphasize built-in approval workflows, transparency across supplier dealings, complete audit trails, and real-time inventory integration with accounting, while its WMS content highlights secure handling, accurate inventory control, visibility, traceability, receiving, inspection, stock updates, and put-away processes.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This is why ERP security for SMEs should not be framed as \u201centerprise governance.\u201d It is basic business protection.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"1_Roles_start_with_least_privilege_not_full_access\"><\/span><b>1. Roles: start with least privilege, not full access<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">The first control is role design.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">If everyone has broad ERP access \u201cjust in case,\u201d the system becomes harder to trust. Least privilege means assigning access based on what each person actually needs to do, not what might be convenient. NIST defines this as restricting access privileges to the minimum necessary to accomplish assigned tasks.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In an SME ERP, that usually means separating access by role such as:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">sales and invoicing<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">purchasing<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">warehouse operations<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">finance entry<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">finance approval<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">management review<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">system administration<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">The point is not to create bureaucracy. The point is to stop one role from silently gaining too much control over financial or stock-sensitive processes.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Blue Lotus 360\u2019s Sri Lanka site positions the platform around secure access, cloud security, and integrated modules, which is exactly where role-based control becomes most valuable: one connected system, but with controlled access inside it.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"2_Approvals_not_every_action_should_post_immediately\"><\/span><b>2. Approvals: not every action should post immediately<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">The second control is approval design.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In SMEs, many costly ERP issues are not caused by hackers. They are caused by unreviewed actions inside normal operations. A purchase order gets approved too quickly. A payment is released without proper review. A stock adjustment is posted with no second look. A discount or credit note is processed by the same person who created the transaction.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">That is why approval workflows matter. Blue Lotus 360\u2019s Sri Lanka accounting content specifically highlights built-in approval workflows for better control and complete audit trails for compliance and review.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Good ERP approvals usually apply to actions such as:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">purchase orders above certain thresholds<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">supplier master changes<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">credit notes and write-offs<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">journal entries and reversals<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">stock adjustments<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">manual price overrides<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">payment releases<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">A strong approval design does not slow the business unnecessarily. It adds review where the risk is highest.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"3_Segregation_of_duties_one_person_should_not_control_the_full_transaction\"><\/span><b>3. Segregation of duties: one person should not control the full transaction<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Segregation of duties is the control SMEs talk about most, but often apply least.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">NIST\u2019s current guidance says separation of duties reduces the risk of abuse of authorized privileges and includes dividing functions among different individuals or roles. It also specifically notes that organizations should define system access authorizations to support separation of duties.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In simple business terms, that means one person should not control a transaction from beginning to end.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A useful rule of thumb comes from finance control guidance: approval, accounting or reconciliation, and asset custody should be separated where possible. That is because combining these functions increases the risk of mistakes and inappropriate actions.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For SMEs, the most important ERP segregation points are usually:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">the person who creates a purchase should not also approve it<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">the person who approves a payment should not also reconcile the bank<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">the person who records inventory should not freely approve stock write-offs<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">the person who maintains vendor or item masters should not have unchecked approval rights<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">the person who administers user access should not also be the only reviewer of audit activity<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">These are not large-company ideas. They are basic control boundaries.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"4_Finance_security_where_SoD_matters_most\"><\/span><b>4. Finance security: where SoD matters most<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Finance is usually the first place to review ERP access conflicts because the impact is immediate.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">If the same user can create vendors, enter invoices, approve payments, post journals, and reconcile balances, the ERP may look efficient but control risk is high. UCLA\u2019s control guidance puts it plainly: approval, accounting or reconciling, and asset custody should be separated among employees.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For SME finance teams, that means reviewing who can:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">create or edit suppliers<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">enter bills or journals<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">approve postings<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">release payments<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">reverse entries<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">reconcile cash and ledger balances<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Blue Lotus 360\u2019s Sri Lanka accounting positioning supports this kind of structure through approval workflows, audit trails, transparency, and integration between invoicing, purchasing, and inventory.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"5_Inventory_security_just_as_important_as_finance\"><\/span><b>5. Inventory security: just as important as finance<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Many SMEs treat warehouse access as an operations issue rather than a security issue.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">That is a mistake. Inventory is both a physical asset and a financial value. If users can receive, move, adjust, write off, or reclassify stock too freely, the ERP becomes harder to trust and audit.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Blue Lotus 360\u2019s WMS content emphasizes accurate inventory control, real-time inventory updates, receiving, inspection, automatic stock updates, put-away, secure storage, and enhanced traceability. Those are exactly the warehouse controls that help reduce unauthorized or poorly documented stock movements.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In practice, inventory-related role separation often means:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">receiving goods is separate from approving purchase completion<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">physical stock custody is separate from stock reconciliation review<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">adjustment entry is separate from adjustment approval<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">warehouse execution is separate from cost or valuation override<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">item master maintenance is controlled and reviewed<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">For trading, manufacturing, and distribution SMEs in Sri Lanka, this is often where ERP discipline pays back fastest.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"6_Small_teams_still_need_controls\"><\/span><b>6. Small teams still need controls<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">The usual pushback is understandable: \u201cWe are too small to separate everything.\u201d<\/span><\/p>\n<p><span style=\"font-weight: 400;\">That can be true operationally, but it does not remove the risk.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Guidance on smaller departments is clear that if proper segregation is not possible, compensating controls are needed. University of Florida\u2019s internal control guidance says compensating controls should be treated as a last resort, not a replacement where separation is possible, because they usually happen after the transaction and are less desirable than preventive separation. It also notes that detailed review, swapped reconciliation duties, or higher-level oversight can help compensate when staffing is limited. UCLA\u2019s guidance similarly says a detailed supervisory review is required when duties cannot be separated in smaller departments.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">So for small Sri Lankan SMEs, practical compensating controls include:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">owner or director review of bank reconciliations<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">dual approval for higher-value purchases or payments<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">monthly review of stock adjustments<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">review of user access rights every quarter<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">independent review of journals posted near month-end<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">alerts for master-data changes and unusual transactions<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">The point is not perfection. It is a documented oversight.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"7_Audit_trails_make_the_controls_visible\"><\/span><b>7. Audit trails make the controls visible<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Even good roles and approvals are weaker if the ERP cannot show what happened.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Blue Lotus 360\u2019s Sri Lanka accounting content explicitly refers to a complete audit trail for compliance and review, and its WMS pages emphasize visibility and traceability. That matters because approval and segregation controls are only useful if management can later see who created, changed, approved, or completed the transaction.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A useful ERP audit trail should show:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">who created the record<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">who edited it<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">who approved it<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">when it was posted<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">whether it was reversed or adjusted later<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">what stock or financial impact it caused<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">That is where ERP security and audit readiness overlap.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"8_What_%E2%80%9Cgood%E2%80%9D_looks_like_for_an_SME\"><\/span><b>8. What \u201cgood\u201d looks like for an SME<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">A well-controlled <\/span><a href=\"https:\/\/bluelotus360.com\/lk\/erp-for-small-business\/\"><span style=\"font-weight: 400;\">SME ERP<\/span><\/a><span style=\"font-weight: 400;\"> does not need a huge governance team.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">It needs a few things done properly and consistently:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">users only have access needed for their role<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">sensitive transactions have approvals<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">no single person controls high-risk workflows end to end<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">finance and inventory changes leave a visible trail<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">management reviews exceptions regularly<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">access rights are revisited as people and roles change<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Blue Lotus 360\u2019s Sri Lanka positioning aligns well with this approach: secure access, robust cloud security, personalized support, approval workflows, audit trails, integrated accounting, and warehouse traceability in one platform.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Buyer_checklist\"><\/span><b>Buyer checklist<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Before choosing or tightening an ERP, Sri Lankan SMEs should be able to answer these questions clearly:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Can we assign role-based access by function, not just by user?<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Can we restrict users to the minimum access they need?<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Can we require approvals for purchases, payments, journals, and stock adjustments?<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Can we separate approval, posting, reconciliation, and custody functions?<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Can the system show a full audit trail for changes and approvals?<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Can we review access rights easily when staff roles change?<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">If we are a small team, what compensating controls will management perform?<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Can finance and warehouse controls be managed in one integrated system?<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">If the answer to several of these is no, ERP security still needs work.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Final_thoughts\"><\/span><b>Final thoughts<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">ERP security for SMEs is not about making the system hard to use.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">It is about making the system safe to rely on.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The most effective controls are usually simple: least-privilege access, sensible approvals, and segregation of duties across finance and inventory. Where full separation is not possible, compensating controls and management review become essential. That is the practical control model current guidance supports.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For Sri Lankan SMEs, Blue Lotus 360 is well positioned here because its <\/span><a href=\"https:\/\/bluelotus360.com\/lk\/\"><span style=\"font-weight: 400;\">local ERP<\/span><\/a><span style=\"font-weight: 400;\"> messaging already brings together the core elements businesses need: secure cloud access, approval workflows, audit trails, integrated accounting, and inventory and warehouse traceability. <\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>TL;DR ERP security for SMEs is not mainly about firewalls or passwords. It is about making sure the right people [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":16680,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[104],"tags":[],"class_list":["post-16679","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-erp-system"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>ERP Security for SMEs: Roles, Approvals, and Segregation of Duties<\/title>\n<meta name=\"description\" content=\"Learn how Sri Lankan SMEs can strengthen ERP security with role-based access, approval workflows, and segregation of duties across finance and inventory.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"ERP Security for SMEs: Roles, Approvals, and Segregation of Duties\" \/>\n<meta property=\"og:description\" content=\"Learn how Sri Lankan SMEs can strengthen ERP security with role-based access, approval workflows, and segregation of duties across finance and inventory.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/\" \/>\n<meta property=\"og:site_name\" content=\"Blue Lotus 360\" \/>\n<meta property=\"article:published_time\" content=\"2026-03-22T19:52:10+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-22T19:53:01+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/bluelotus360.com\/lk\/wp-content\/uploads\/2026\/04\/ERP-Security-scaled.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1698\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Editorial Staff\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Editorial Staff\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/\"},\"author\":{\"name\":\"Editorial Staff\",\"@id\":\"https:\/\/bluelotus360.com\/lk\/#\/schema\/person\/526acd03d251ac8ddd6608d691b16c4c\"},\"headline\":\"ERP Security for SMEs: Roles, Approvals, and Segregation of Duties\",\"datePublished\":\"2026-03-22T19:52:10+00:00\",\"dateModified\":\"2026-04-22T19:53:01+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/\"},\"wordCount\":1803,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/bluelotus360.com\/lk\/#organization\"},\"image\":{\"@id\":\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/bluelotus360.com\/lk\/wp-content\/uploads\/2026\/04\/ERP-Security-scaled.jpg\",\"articleSection\":[\"ERP System\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/\",\"url\":\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/\",\"name\":\"ERP Security for SMEs: Roles, Approvals, and Segregation of Duties\",\"isPartOf\":{\"@id\":\"https:\/\/bluelotus360.com\/lk\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/bluelotus360.com\/lk\/wp-content\/uploads\/2026\/04\/ERP-Security-scaled.jpg\",\"datePublished\":\"2026-03-22T19:52:10+00:00\",\"dateModified\":\"2026-04-22T19:53:01+00:00\",\"description\":\"Learn how Sri Lankan SMEs can strengthen ERP security with role-based access, approval workflows, and segregation of duties across finance and inventory.\",\"breadcrumb\":{\"@id\":\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#primaryimage\",\"url\":\"https:\/\/bluelotus360.com\/lk\/wp-content\/uploads\/2026\/04\/ERP-Security-scaled.jpg\",\"contentUrl\":\"https:\/\/bluelotus360.com\/lk\/wp-content\/uploads\/2026\/04\/ERP-Security-scaled.jpg\",\"width\":2560,\"height\":1698},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/bluelotus360.com\/lk\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"ERP Security for SMEs: Roles, Approvals, and Segregation of Duties\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/bluelotus360.com\/lk\/#website\",\"url\":\"https:\/\/bluelotus360.com\/lk\/\",\"name\":\"Blue Lotus 360\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/bluelotus360.com\/lk\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/bluelotus360.com\/lk\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/bluelotus360.com\/lk\/#organization\",\"name\":\"BLUE LOTUS 360\",\"url\":\"https:\/\/bluelotus360.com\/lk\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/bluelotus360.com\/lk\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/bluelotus360.com\/lk\/wp-content\/uploads\/2025\/03\/cropped-cropped-logo-bl360.png\",\"contentUrl\":\"https:\/\/bluelotus360.com\/lk\/wp-content\/uploads\/2025\/03\/cropped-cropped-logo-bl360.png\",\"width\":512,\"height\":512,\"caption\":\"BLUE LOTUS 360\"},\"image\":{\"@id\":\"https:\/\/bluelotus360.com\/lk\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/bluelotus360.com\/lk\/#\/schema\/person\/526acd03d251ac8ddd6608d691b16c4c\",\"name\":\"Editorial Staff\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/bluelotus360.com\/lk\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63788eea46e63675d80ae57cb5fc6e9a52d3083aa7f8034e9b835676b1f4ce5f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63788eea46e63675d80ae57cb5fc6e9a52d3083aa7f8034e9b835676b1f4ce5f?s=96&d=mm&r=g\",\"caption\":\"Editorial Staff\"},\"url\":\"https:\/\/bluelotus360.com\/lk\/author\/tec-seo-admin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"ERP Security for SMEs: Roles, Approvals, and Segregation of Duties","description":"Learn how Sri Lankan SMEs can strengthen ERP security with role-based access, approval workflows, and segregation of duties across finance and inventory.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/","og_locale":"en_US","og_type":"article","og_title":"ERP Security for SMEs: Roles, Approvals, and Segregation of Duties","og_description":"Learn how Sri Lankan SMEs can strengthen ERP security with role-based access, approval workflows, and segregation of duties across finance and inventory.","og_url":"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/","og_site_name":"Blue Lotus 360","article_published_time":"2026-03-22T19:52:10+00:00","article_modified_time":"2026-04-22T19:53:01+00:00","og_image":[{"width":2560,"height":1698,"url":"https:\/\/bluelotus360.com\/lk\/wp-content\/uploads\/2026\/04\/ERP-Security-scaled.jpg","type":"image\/jpeg"}],"author":"Editorial Staff","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Editorial Staff","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#article","isPartOf":{"@id":"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/"},"author":{"name":"Editorial Staff","@id":"https:\/\/bluelotus360.com\/lk\/#\/schema\/person\/526acd03d251ac8ddd6608d691b16c4c"},"headline":"ERP Security for SMEs: Roles, Approvals, and Segregation of Duties","datePublished":"2026-03-22T19:52:10+00:00","dateModified":"2026-04-22T19:53:01+00:00","mainEntityOfPage":{"@id":"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/"},"wordCount":1803,"commentCount":0,"publisher":{"@id":"https:\/\/bluelotus360.com\/lk\/#organization"},"image":{"@id":"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#primaryimage"},"thumbnailUrl":"https:\/\/bluelotus360.com\/lk\/wp-content\/uploads\/2026\/04\/ERP-Security-scaled.jpg","articleSection":["ERP System"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/","url":"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/","name":"ERP Security for SMEs: Roles, Approvals, and Segregation of Duties","isPartOf":{"@id":"https:\/\/bluelotus360.com\/lk\/#website"},"primaryImageOfPage":{"@id":"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#primaryimage"},"image":{"@id":"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#primaryimage"},"thumbnailUrl":"https:\/\/bluelotus360.com\/lk\/wp-content\/uploads\/2026\/04\/ERP-Security-scaled.jpg","datePublished":"2026-03-22T19:52:10+00:00","dateModified":"2026-04-22T19:53:01+00:00","description":"Learn how Sri Lankan SMEs can strengthen ERP security with role-based access, approval workflows, and segregation of duties across finance and inventory.","breadcrumb":{"@id":"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#primaryimage","url":"https:\/\/bluelotus360.com\/lk\/wp-content\/uploads\/2026\/04\/ERP-Security-scaled.jpg","contentUrl":"https:\/\/bluelotus360.com\/lk\/wp-content\/uploads\/2026\/04\/ERP-Security-scaled.jpg","width":2560,"height":1698},{"@type":"BreadcrumbList","@id":"https:\/\/bluelotus360.com\/lk\/erp-security-for-smes\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/bluelotus360.com\/lk\/"},{"@type":"ListItem","position":2,"name":"ERP Security for SMEs: Roles, Approvals, and Segregation of Duties"}]},{"@type":"WebSite","@id":"https:\/\/bluelotus360.com\/lk\/#website","url":"https:\/\/bluelotus360.com\/lk\/","name":"Blue Lotus 360","description":"","publisher":{"@id":"https:\/\/bluelotus360.com\/lk\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/bluelotus360.com\/lk\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/bluelotus360.com\/lk\/#organization","name":"BLUE LOTUS 360","url":"https:\/\/bluelotus360.com\/lk\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/bluelotus360.com\/lk\/#\/schema\/logo\/image\/","url":"https:\/\/bluelotus360.com\/lk\/wp-content\/uploads\/2025\/03\/cropped-cropped-logo-bl360.png","contentUrl":"https:\/\/bluelotus360.com\/lk\/wp-content\/uploads\/2025\/03\/cropped-cropped-logo-bl360.png","width":512,"height":512,"caption":"BLUE LOTUS 360"},"image":{"@id":"https:\/\/bluelotus360.com\/lk\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/bluelotus360.com\/lk\/#\/schema\/person\/526acd03d251ac8ddd6608d691b16c4c","name":"Editorial Staff","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/bluelotus360.com\/lk\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63788eea46e63675d80ae57cb5fc6e9a52d3083aa7f8034e9b835676b1f4ce5f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63788eea46e63675d80ae57cb5fc6e9a52d3083aa7f8034e9b835676b1f4ce5f?s=96&d=mm&r=g","caption":"Editorial Staff"},"url":"https:\/\/bluelotus360.com\/lk\/author\/tec-seo-admin\/"}]}},"_links":{"self":[{"href":"https:\/\/bluelotus360.com\/lk\/wp-json\/wp\/v2\/posts\/16679","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bluelotus360.com\/lk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bluelotus360.com\/lk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bluelotus360.com\/lk\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/bluelotus360.com\/lk\/wp-json\/wp\/v2\/comments?post=16679"}],"version-history":[{"count":1,"href":"https:\/\/bluelotus360.com\/lk\/wp-json\/wp\/v2\/posts\/16679\/revisions"}],"predecessor-version":[{"id":16681,"href":"https:\/\/bluelotus360.com\/lk\/wp-json\/wp\/v2\/posts\/16679\/revisions\/16681"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bluelotus360.com\/lk\/wp-json\/wp\/v2\/media\/16680"}],"wp:attachment":[{"href":"https:\/\/bluelotus360.com\/lk\/wp-json\/wp\/v2\/media?parent=16679"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bluelotus360.com\/lk\/wp-json\/wp\/v2\/categories?post=16679"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bluelotus360.com\/lk\/wp-json\/wp\/v2\/tags?post=16679"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}