Driving rapid change and delivering better employee outcomes

The 2020s have been a period of rapid change for Unit4 Prosoft, with the end of life of our thick client v8.0 application comes a new version of Prosoft; v9 is the pure SAAS cloud version of v8.5 that leverages on SAAS microservices. Rather than discussing the generic benefits of cloud software that I’m sure many of you have heard before I wanted to take a short moment to discuss what the real implications are for our users.

Contiguous deployment

Prosoft v8.5 is a monolithic application, it’s released monthly, changes will often go through a lifecycle of analysis that can take around 1-2 months. Contiguous deployment and a microservice infrastructure work differently, code is delivered via cloud services which can be deployed at any time, this is because the service is only responsible for one micro part of the system rather than deploying the entire system as a monolith. We operate payroll services across 10 countries and HRIS services across 30+ countries, it’s not uncommon to have governments roll out changes that are not only announced late but are even sometimes retroactive, especially in the era of emergency payroll changes related to COVID. The ability to be agile and support contiguous deployment means we can deliver in days what would take at least 1-2 months to deliver in a monolithic stack. Better yet that release is just updating a microservice, so your core application is untouched making for safer regular releases.

The rising challenges of on-premise hosting

As systems leverage more and more on cloud services e.g. Maps, Government portals, Artificial Intelligence the complexity of on-premise hosting has been skyrocketing, what used to be a monolithic black-box application that could be closed off by a DMZ (demilitarized zone) has now become a rapidly changing environment connecting to tens of external third party applications. This complex web of connectivity is infinitely harder to secure than the monolithic applications of yesteryear, the standard hardening practice of blocking traffic to the server is no longer viable.

APAC Governments are rapidly moving towards API submission of data, e.g. Singapore is targeting 2022 as the last year for manual submission of IR8A, and frankly, it makes sense, with growing international sensitivity around the topic of data protection and an ever-increasing threat of data leaks there is simply no place in the modern era for saving your entire payroll data to a local PC and to be printing reports and submitting them manually. Governments are expecting data to be transmitted directly from payroll providers which have completed thorough security assessments to the tax authorities via highly secured multi-factor authenticated APIs. What does this mean for on-premise payroll users? The setup, the security assessment, the liaising between the organisation and the government to enable Portals/APIs for an individual company is completely impractical for all but the largest enterprises. The message from governments to companies while not explicitly stated is clear; SAAS is coming and failure of adoption is going to be an expensive and complex endeavour.

The rapidly evolving security landscape

Every year Unit 4 Prosoft performs hundreds of customer-based security assessments, government-based security assessments, pen tests, and 3 major audits: ISO9001, ISO27001 and SOC2 compliance (coming in 2021). In addition, we have an array of automated tools for scanning infra, scanning intrusions, and rapidly responding to any system failures. The system, cloud infrastructure, and cloud processes comply with our local APAC data privacy regulations as well as global regulations like GDPR. The regularity of assessments gives us a clear insight into the ever-evolving world of digital security for enterprise systems, namely that changes happen at an astonishing pace.

The main question that comes to mind is if our cloud team, security review team, data protection officers are investing millions into this endeavour per year how can this compare against on-premise implementation of HRIS systems? The blunt reality is that the on-prem expenditure on HRIS data security pales in comparison with SAAS expenditures and with good reason, it’s prohibitively expensive. I would strongly advise IT/HR teams to put this under a microscope, whether the immediate intention is to move to SAAS or not, when was the last time the on-prem system was pen-tested? When was the last time the security processes around its management were reviewed? Our professional services team have been doing Health Checks for customers and while it’s not a full security assessment, the team check for obvious security issues, you can enquire with your account manager to conduct such a health check.

Next-generation toolkit and empowering your workforce

The topics we have covered are critical, they give value to businesses, but compliance and security aren’t exciting topics, fundamentally Unit4 is about building systems for people in the business of helping people, this is what excites us.

Over the last year, our key objective was to launch the Prosoft People Experience in a micro-services-based SaaS architecture. This architecture underpins the delivery of intelligent enterprise applications. It provides the foundation for your organization to innovate and deliver great experiences for your people.

What does that mean for day-to-day users?

1. Leveraging on powerful SAAS microservices to deliver great products within Prosoft, Receipt Recognition using Optical Character Recognition, Chat Bots using Natural Language Processing, and Planning & Analysis tools leveraging on Machine Learning are amongst the functions developed or in development.
2. Integration capability, the Prosoft People Experience lays the foundation for building extensions that can be seamlessly integrated into the system, whether you’re a partner or a customer it means it’s feasible to build your own bespoke functionality that’s critical to your business and directly make that application accessible via Prosoft using Prosoft core data.
3. Scalable Microservices, as a monolithic application Prosoft has done much of its processing within the application. The result is if HR are doing any kind of serious data processing it would give the employees a negative end-user experience with slowness etc. Historically most companies would simply defer these tasks into scheduled evening tasks but the appetite for timely and accurate data has rapidly surpassed that. Managers want timely data in minutes, not the next day! The Prosoft v9 People Experience allows us to take these heavy processes and deliver them in SAAS-based microservices while the core application keeps humming along at optimal efficiency. The scale of processing capability of these microservices is well beyond anything that can be delivered in an on-premise environment as the infrastructure for individual services can be the equivalent of multiple customer on-premise web servers.

So I’d like to end with this final message; while Unit4 Prosoft continues to ensure our on-premise 8.5 customers get the enterprise-level experience they expect, it’s important to highlight that these cloud capabilities in Prosoft v9 are impractical for on-premise solutions as they leverage heavily on native cloud technologies and cloud scalability. As we move from the 2020s into the 2030s more and more of business will be about connecting your employee data to the cloud securely, installing, managing, securing and connecting on-premise HRMS will continue to be more challenging. It’s a good time to either be thinking about moving to SAAS or assessing the feasibility of a future move.