Securing the Office of Finance in the Cloud -- Separating Fact from Fiction
Upcoming SlideShare
Loading in...5
×
 

Securing the Office of Finance in the Cloud -- Separating Fact from Fiction

on

  • 622 views

According to Forrester Research, the global cloud computing market is valued at an estimated $40.7 billion. In the future, this market is expected to grow exponentially, as companies accelerate their ...

According to Forrester Research, the global cloud computing market is valued at an estimated $40.7 billion. In the future, this market is expected to grow exponentially, as companies accelerate their adoption of cloud computing.

It's clear that cloud computing is being widely adopted as a cost-effective strategy for deploying mission-critical applications within the enterprise. Yet, myths regarding privacy and security often cloud the decision-making process.

Join us for a Webcast that will explore the facts and fictions of cloud computing for the Office of Finance. In an effort to set the record straight, our distinguished panel of experts will dive into topics that include cloud security, risk management, and finance.

The panelists for this Webcast are:


Moderator: Russ Banham, Contributing Editor, CFO magazine

Dr. Lothar Determann, Partner, Baker & McKenzie LLP

John Hugo, Vice President and Corporate Controller, Life Time Fitness

Stan Swete, Chief Technology Officer, Workday

Statistics

Views

Total Views
622
Slideshare-icon Views on SlideShare
621
Embed Views
1

Actions

Likes
0
Downloads
22
Comments
0

1 Embed 1

http://www.slashdocs.com 1

Accessibility

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • If you are already connecting your workers using tools on the internet, then there is no differenceWhether you are saas or on-prem, the key is what are you doing to secure your system? There is no difference in terms of how you should approach security regardless of approach. Approach should be the same. What access are you giving people, what’s your firewall look likeNot an issue between saas and on-prem. How you secure any system in an internet enabled world
  • Where has saas grown up?Payroll – highly sensitiveSales forecast data – sensitive to businessHr – major adoption occurred here, super privateAll of it is incredibly sensitive – financials no differentNone stands head and shoulders above the others
  • Compehensive – accounting, it, legal, marketing (business, legal, technical – not just technical)Vendors have experienceDepthBreadthMaturityLocal & globalLegal ramificationsOngoing Changing regulationsHave succ
  • Seed questionAny areas where security can be stronger with SaaS than with on-premise?

Securing the Office of Finance in the Cloud -- Separating Fact from Fiction Securing the Office of Finance in the Cloud -- Separating Fact from Fiction Presentation Transcript

  • Securing the Office of Finance in the Cloud -- Separating Fact from Fiction Dr. Lothar Determann Partner, Baker & McKenzie LLP John Hugo Vice President and Corporate Controller, Life Time Fitness Stan Swete Chief Technology Officer, Workday Moderated by: Russ Banham, Contributing Editor, CFO magazine Thursday, April 12, 2012
  • Securing the Office of Finance in the Cloud -- Separating Fact from FictionAccording to Forrester Research, the global cloudcomputing market is valued at an estimated $40.7 billion. Inthe future, this market is expected to grow exponentially, ascompanies accelerate their adoption of cloud computing.Its clear that cloud computing is being widely adopted as acost-effective strategy for deploying mission-criticalapplications within the enterprise. Yet, myths regardingprivacy and security often cloud the decision makingprocess.
  • About WorkdayWorkday is the leader in enterprise-class, Software-as-a-Service (SaaS)solutions for managing global businesses, combining a lower cost of ownershipwith an innovative approach to business applications.Founded by PeopleSoft veterans Dave Duffield and Aneel Bhusri, Workdaydelivers unified Human Capital Management, Payroll, and FinancialManagement solutions designed for todays organizations and the way peoplework. Delivered in the cloud leveraging a modern technology platform,Workday offers a fresh alternative to legacy ERP.More than 280 customers, spanning medium-sized organizations to Fortune 50businesses, have selected Workday. Visit us at www.workday.com.
  • Myths About Cloud Security• Myths about security, data privacy with Cloud Computing cloud decisions• Entrusting data to specialized service providers is not new• Cloud computing does not necessarily increase security risks
  • On-premise vs. Cloud Security• Whether personal data is safer on a system secured by the data controller in-house or an external vendor depends on security measures deployed by each particular organization.• Fact is that many organizations find it difficult to stay in control over modern IT systems, whether they hire service providers to provide IT infrastructure or whether they host, operate, and maintain systems themselves.• It is important for customer and vendor to reach a reasonable agreement about what level of security is appropriate for particular types of data and who should be doing what… for either type of provider.
  • Expansion of SaaS for B2B Sales Force Automation Payroll Human Resources Expense Management Financials Payments
  • Key Stakeholders  Comprehensive Evaluation – IT – Legal / Procurement – Corporate Leadership  Look for vendors who: – Have successful local & global deployments – Are able to respond in detail to requirements – Invest to keep abreast of regulatory changes
  • Questions Regarding SaaS/Cloud• Senior management and Board of Directors early concernsincluded: - Initially, “what is SaaS”? - Followed by, “what is the “Cloud”? - Are we comfortable operating our key financial systems this way?• Business Review Meetings and Audit Committee of BOD quarterlyupdates were (and still are) provided, focusing on: - Emphasis on maintaining strong internal controls - Focus on security - Physical and environmental security - Data integrity - Code and Logic security• Reliance on SSAE 16 (formerly SAS 70) reports• Reliance on success of management with prior company
  • Business Drivers & Benefits• Initial interest was with Workday, with cloud an eventual “bonus”• The off-premise concept, including integration management wasintriguing• Access to all traditional ERP applications, without traditionalERP arrangement• Currently, Workday applications in the cloud: - Human Capital Management, Expenses (reimbursement), Payroll [all live at least 2 years] - Procurement, Supplier Accounts (AP), Banking [go live during 2012] - Financials (GL), Customer Accounts (AR), Fixed Assets, Projects [go live during 2013]• Cloud strategy supports our project requirements of: - Increased efficiency (speed of system and business processes) - Improved accuracy and reporting - Lower overall cost• Managing security and data privacy with third party vs. internal - Ensure highest level of controls around cloud security (internal vs. external expertise) - Cost – Benefit of internal controls maintenance internally vs. reliance on third party - Zero tolerance for breach
  • Standards & Certifications Key Certifications –SOC-1 / SSAE-16 –ISO 27001 –Safe Harbor
  • Advice to Companies Evaluating the Cloud• Besides operational, functionality and pricing considerations, consider: – does the vendors data security safeguards meet legal requirements and match or exceed your own standards? – does the vendor give you what you need for your own compliance program (information, contractual commitments, EU adequacy)?
  • Is Cloud Computing Bad for Security?• No, not inherently. However, it must be supported with a culture of security, but this is not specific to cloud computing.• Using a cloud system doesn’t mean you can shirk responsibility for the security of your systems to vendors.• Whether personal data is safer on a system secured by you or your vendor depends on who you and your vendor are and on the security measures deployed by each particular organization.
  • Q&A Dr. Lothar Determann Partner, Baker & McKenzie LLP John Hugo Vice President and Corporate Controller, Life Time Fitness Stan Swete Chief Technology Officer, WorkdayModerator: Russ Banham, Contributing Editor, CFO magazine