Based on this emerging and inevitable trend, a secure payroll network is essential. Maintaining a secure network is dependent upon following a number of best practices. Three I recommend to stay ahead of the trend and minimize risk are:
- Check the daily logs to both understand baseline activity and identify anomalies
- Ensure that intrusion detection and prevention software (IDPS) has been installed
- Ensure a breach notification policy is in place
3. What additional steps will enable global payroll departments to maintain security in 2016?
Security has been the cloud’s ostensible Achilles heel virtually since inception. I say “ostensible” because it’s often been much more about perception than reality. In 2016, look for security to improve—both on the merits and in how the user community regards it. New auditing procedures and standards bodies that improve on Statement on Standards for Attestation Engagements (SSAE)-style audits will, in fact, deliver greater security and much more uptime, and offer users that much more peace of mind as a result.
4. Please share your insights on trends in the various public, private, and hybrid cloud implementation options. What question should organizations be asking?
IT specialists within global payroll organizations are in an unenviable position. They need to serve as tech emissaries to their companies without necessarily letting on just how obtuse the IT world has become.
A case in point is an understanding of the so-called “hybrid cloud.” Even though I believe hybrid is generally the way to go, the term “hybrid cloud” has been stripped of any real meaning. The truth is, everything is hybrid now. It’s akin to having a conversation about breathing oxygen.
Way back when the term ASP (Application Service Provider) was a fresh addition to the lexicon, “hybrid” did indeed mean something quite specific. The idea was that virtual machines were under a company’s physical control in a data center—where applications were hosted. And that same department might then contract with a managed, application, or cloud service provider to put some of that workload in the provider’s virtual environment.
In other words, global payroll professionals built their own infrastructure and placed some applications in another virtual infrastructure—hence, “hybrid.” IT mavens would go to VMware or HP, build a virtual data center, and tie the two things together with an application programming interface. Done.
Somewhere along the way, as the cloud expanded beyond the known universe, something (e.g., the true concept of hybrid) got lost in translation. Today, some of your workload is under your control, and some is outside of your control—that’s just painfully obvious. From that perspective, the hybrid cloud is ubiquitous, even pervasive. The majority of global payroll departments rely on servers and computers. This means that some data resides on various desktops; some is stored with Apple or Dropbox or Microsoft, and some organizations have embraced SaaS and virtualization.
The right question isn’t, “Should I go on or off premises? Should I opt for the hybrid cloud, the public cloud, or a private cloud?” The smart question is, “What’s strategically best for my organization?” When you frame the query in that manner, you can determine where to place your computing power, and you begin to gain control over the dynamic. Want to reduce costs? Increase efficiencies? Achieve some other objective?
First, decide what your metrics are and how they serve your enterprise–then select the technology. Go back to basics. Pick the tool that works. Otherwise, the tail wags the dog.
Or worse, the dog ends up chasing its tail.
5. With an eye toward the trends that are likely to define 2016-17, what counsel can you offer to companies considering migrating global payroll to the cloud?
When selecting a cloud-based solution, the application comes first. After all, you don’t select the knife before you choose the food you plan to cook. There are an abundance of installable products and SaaS offerings to meet any global payroll processor’s needs. The bigger, more strategic question is, “What are your needs?” If the solution you’re eyeing isn’t a cloud product, look to an IaaS (Infrastructure-as-a-Service) company to make it a cloud product.
6. Are there any trends emerging in 2016-17 that will make that migration more effective or more challenging?
If you’re a payroll processor and you have a package you particularly like, you won’t have to move all your customers to a SaaS company. You’ll be able to pick up and move to an IaaS provider with the package you already know and love. Look for this to be the Year of Pain Relief; you won’t need to go through the migration headaches. Thanks to the cloud, it really is getting easier and easier. More tools exist, and applications and operating systems will continue to become more accessible.
7. As organizations weigh the differences between IaaS and SaaS, which approach will be more appropriate for global payroll in the year ahead?
If you’re a new payroll processor and have no legacy software—if, in other words, you’re looking at a green field in 2016—it’s easy to start with a SaaS offering, although you will need to consider your options carefully. If, on the other hand, you’re not new to the field, you may already have some favorite applications among the myriad quality installable products. In that situation, this could be your year to move to IaaS, which means a third-party provider hosts hardware, software, servers, storage, and other infrastructure components on behalf of its users. The choice isn’t between the two approaches, then, so much as it is determining where you fit along the continuum.