If you as CFO are still on the fence about putting financial data and processes on the public cloud, consider what Sandeep Aggarwal and his finance and IT teams are doing at consulting multinational Aon Hewitt, which has operations in some 60 countries.
“Aon is a global leader in providing risk consultancy and advisory to our clients,” says Aggarwal, whose formal title is CFO of India, Asia Pacific and Middle East. “We certainly believe that there is no basis to believe there may be security concerns.”
The onus is on the CFO and others in the company to make sure the provider has very robust security protocols and annual audits are carried out by independent parties, which then certify the overall environments created for clients.
Aggarwal spoke to CFO Innovation’s Cesar Bacani about Aon’s decision to deploy Workday Financial Management modules over three years, what the expectations are and how these can be achieved, and other issues. Edited excerpts:
“For teams like finance, it becomes a big pain point if you have to do a lot of manual processes to meet the statutory local requirement, which is enabled to a large extent by cloud-based platforms”
I’m surprised you do not seem concerned about data hacking and other security breaches in putting financial data and processes on the public cloud.
Aon is a global leader in providing risk consultancy and advisory to our clients. We are also expanding rapidly in the cybersecurity space. When we were looking the cloud as the next-gen IT solution, we looked at multiple aspects.
We certainly believe that there is no basis to believe there may be security concerns.
With more and more organizations moving to the cloud platform for their solutions, the concern is reducing day by day. [Industry researcher] Gartner is saying that by 2018, 25% of core finance applications in large enterprises will move to the public cloud platform.
What we have observed and felt is that [Aon's chosen service provider Workday has] very robust security protocols. There are independent audits that take place and they get certified every year in terms of the overall environment that they create for their clients.
Your implementation is 100% public cloud, not a hybrid of public cloud and on-premise servers. You have concluded that the risk is manageable?
Aon has done 500 acquisitions over the years, resulting in finance having to deal with various legacy systems. Why not keep your current on-premise systems and just upgrade?
Very typical of a legacy ERP environment, you have processes that are well-defined. You’re posting transactions and getting them approved through the workflow. Then you wait for the batch runs so you can look at the impact [of the transactions on the books] and do some reporting around that.
If there is a change in the regulatory environment or the statutory requirement at the local level, then it actually becomes a nightmare. You have to do a batch upgrade or a systems upgrade. In a legacy system, everybody wants to avoid that.
In a cloud-based platform, the vendor itself looks at those changes and provides new releases and updates. You can check them in a test environment without impacting your live data. If those work, then you can take them on. So you are almost always up to date.
For teams like finance, it becomes a big pain point if you have to do a lot of manual processes to meet the statutory local requirement, which is enabled to a large extent by cloud-based platforms like Workday.
- Next page