• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Risks and rewards of placing employee benefits systems in the Cloud

Risks and rewards of placing employee benefits systems in the Cloud



Is Offsite Software Hosting Safe and Secure?

Is Offsite Software Hosting Safe and Secure?
Presented by:
Howard Kaplan
Director of Business Development
LBi Software



Total Views
Views on SlideShare
Embed Views



6 Embeds 74

http://www.lbisoftware.com 25
http://localhost 20
http://penguin.lbisoft.com 16
http://www.techgig.com 10
http://penguin.lbisoftware.com 2
http://www.linkedin.com 1



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment
  • Take a few minutes to discuss the evolution of computing and the security issues as it evolves
  • Really no external security concerns
  • As PC’s became more powerful and prevalant in the workplace, they started to replace expensive mainframe systems. Richer user experience.

Risks and rewards of placing employee benefits systems in the Cloud Risks and rewards of placing employee benefits systems in the Cloud Presentation Transcript

  • Risks and Rewards of Placing Employee Benefits Systems in the Cloud Is Offsite Software Hosting Safe and Secure? Presented by: Howard Kaplan Director of Business Development LBi Software
  • Agenda
    • Introduction
    • A Brief History of Computing
    • SaaS & Cloud Terms Demystified
    • 3 rd Party Hosting vs On Premise Deployment
    • Risks and Rewards of 3 rd Party Hosting
    • Engaging Your IT Department
    • Summary
    • LBi Overview
    • Q&A
  • A Brief History of Computing
    • Mainframes and Green Screens
      • Intra-company system
      • Maintained by internal staff
      • Prior to the PC
      • Direct (hardwired) terminal to mainframe connection
      • Leased (dedicated) data lines for remote access
      • Zero risk of external malicious access
  • A Brief History of Computing
    • Client Server
      • Intra/Inter company system
      • Maintained by internal staff
      • User’s Desktop PC = “Client”
      • Powerful PC(s) = “Server”
      • Local Area Network (Ethernet)
      • Wide Area Network (Internet & Leased Lines)
        • V irtual P rivate N etwork (VPN) (“point to point tunneling”) encryption
        • Password encryption
      • Virtually zero risk of external malicious access
  • A Brief History of Computing
    • Application Solution Provider (ASP) Hosting
      • 100% 3 rd party hosted
        • No servers onsite
        • Support split - Internal IT & ASP host
      • Generally Dedicated Servers
        • 100% Internet accessible
        • Dedicated machine(s) running only your application(s)
          • No sharing with other companies
      • VPN access recommended
      • Very minimal but possible risk of external malicious access
  • A Brief History of Computing
    • Software as a Service (SaaS)
      • 100% 3 rd party hosted
        • No servers onsite
      • Virtual Servers (Cloud)
        • 100% Internet accessible
        • Machines may run multiple Operating System environments
        • Shared servers with other applications and customers (i.e. Google apps)
        • Shared application (multi-tenant)
      • VPN or other encryption recommended
        • HTTP vs HTTPS (Secure Sockets Layer - SSL)
        • Other methods available
      • Minimal but possible risk of external malicious access
  • SaaS & Cloud Terms Demystified
    • SaaS - Primarily a software licensing model using cloud deployment architecture
      • Multi-Tenant Architecture = Multiple customers sharing the same application instance and (usually) the same database (i.e. salesforce.com, citibank.com, gmail, etc.)
      • Single-Tenant Architecture = One customer per application instance and database
      • Deployed in the Cloud (Over the Internet in a shared environment)
  • SaaS & Cloud Terms Demystified
    • Cloud Computing – Software deployment model
      • Computing via the internet
      • On-demand network access
      • Shared pool of configurable resources
      • Rapid deployment
      • Infinite scale
  • What is SAS 70 Type II?
    • S tatement on A uditing S tandards
      • Standard by which auditors evaluate servicing companies
        • Unbiased reports by an auditor
        • Provides service organizations a reliable and widely recognized means of disclosing their internal security controls and processes to their customers
      • Evaluation includes the way the service / company conducts its business
  • Http vs Https (Secure Sockets Layer)
    • Using an Https connection:
      • The server responds to the initial connection by offering a list of encryption methods it supports
      • In response, the client selects a connection method, and the client and server exchange certificates to authenticate their identities
      • Then both parties exchange the encrypted information after ensuring that both are using the same key
      • In order to host https connections, a server must have a public key certificate , which embeds key information with a verification of the key owner's identity
  • Secure Sockets Layer (SSL)
    • When using a SSL connection (https):
      • Recognized by a secure padlock which appears in the browser
      • Web server requires the use of an SSL certificate
  • Security Breaches Happen
    • “ A Wisconsin teenager has been arrested and charged for allegedly hacking into a Pentagon computer in June and illegally accessing a U.S. Army computer, according to the Department of Justice.”
    DOJ charges teen with Pentagon hacking
  • Security Breaches Happen
    • “ Epsilon, a marketing services firm based in Dallas, has warned clients that a massive breach in an email database may have exposed the names and emails of thousands of users.
    • Among the affected clients are Best Buy, RitzCarlton Rewards, JPMorgan Chase, Capital One and Citi.
    • Epsilon maintained that no financial information – credit card numbers, for instance – has been revealed.”
    How many email warnings did you receive recently?
  • Why Host vs. On Premise Deployment
    • Minimal security considerations
    • Selected vendor solution offered only in a hosted environment
    • Price important
      • Capital vs Operating budget availability
    • Deployment timeline
    • Limited internal IT resources
    • Limitless scalability
    • Reliability (99.99%+ uptime guarantees)
  • Driving Cloud Adoption
  • Cloud Economics
    • Estimates vary widely on possible cost savings
    • “ If you move your data center to a cloud provider, it will cost a tenth of the cost.” – Brian Gammage, Gartner Fellow
    • “ Use of cloud applications can reduce costs 50% to 90%” - CTO in Washington D.C.
    • Preferred Hotel
      • Traditional: $210k server refresh and $10k/month
      • Cloud: $10k implementation and $16k/month
  • Why On Premise vs. Host Deployment
    • Maximum security
      • European “Safe Harbor” laws an issue
    • Available IT resources
    • Price not an issue
      • Long term lowest cost
    • Greater internal control
    • Company policy
  • Risks and Rewards of 3rd Party Hosting
    • Risks
      • Security - Higher risk in a shared server/virtual server environment and/or no VPN access
        • SAS 70 Type II audit provides high level of assurance that effective security procedures are in place
        • Data encryption options
        • Risk still low
      • System down - Major hosting providers provide multiple layers of backup and redundancy
        • Offsite / off grid Disaster Recovery options
        • Offsite data backup
      • Internet Down - Everyone is down
  • Risks and Rewards of 3rd Party Hosting
    • Rewards
      • Price - SaaS solutions generally have much lower upfront costs and low monthly costs vs. outright software purchase and onsite implementation services
      • Support - 24/7/365 maintenance and support included in the price & guaranteed uptime, commonly 99%+ uptime
        • Minimize need for internal IT resources
        • Patches and upgrades are generally automatic
        • Scales up on demand
      • Deployment Time - Generally much faster than a local software implementation
        • Software already installed and ready to configure
        • Infrastructure in place and ready to go
  • Engaging Your IT Department
    • Be part of the discussion
      • Voice your issues and concerns
    • Trust your IT department
      • They understand the technology, risks, company policies, their resource constraints, etc.
    • Work together in the vendor selection process
      • Weigh functional requirements vs supportability
      • Gain consensus
  • Summary
    • Trust your IT staff to design the safest environment for your needs
    • Use VPN and other encryption technologies
    • Select only SAS 70 Type II certified providers
    • Consider Disaster Recovery options (redundancy)
    • Frequent offsite data backups (at least daily)
    • Plan ahead for your worst case scenario
  • LBi Software
    • Established 1982
    • Primary Focus on Human Capital Management (HCM) Solutions
    • Legacy in custom HCM development
    • Custom & Packaged solutions
    • Web 2.0 Development expertise
    • IVR/CTI/Speech Recognition expertise
    • Mission/Business Critical solution delivery
  • LBi Software Products
  • Q&A