treasuryandrisk.com JUNE 2017 SPECIAL REPORT TREASURY & RISK 15
“When you are on the cloud, the client
is only paying for the system,” he said.
“Everything is covered.”
EY’s Bramwell said companies now get
considerably more functionality for their
money than they did five years ago.
“The price of technology has fallen, and the
entry-level introduction to treasury technology
is much more attainable and achievable, even
for companies on a relatively small budget,”
A recent Association for Financial
Professionals (AFP) survey showed that
more than half of treasuries in North
America still rely on spreadsheets and
banking portals, he noted.
“There’s no reason from a pricing
perspective they shouldn’t go out and consider
using some sort of solution,” Bramwell said.
“I’d be surprised if even the smallest company
couldn’t see some return on investment for
Companies used to be wary of trusting their
financial data to the cloud, but those concerns
have largely dissipated.
“In the early days of cloud, one of the
reasons people were worried was because of
security,” said Ed Page, a managing director
at the consulting firm Protiviti and leader
of the firm’s national financial services IT
Cloud providers and solution providers
“have aggressively addressed” those security
concerns, Page said, and “in many cases, the
capabilities in the cloud are as good as the
capabilities in on-premises solutions.”
He cautioned, though, that companies
using cloud solutions have to be careful
to implement security measures correctly.
“The cloud providers, Azure or [Amazon
Web Services], have really, really good
security capabilities that you can avail
yourself of, but you have to make sure you
use them properly,” Page said, comparing
the situation to on-premises security: “If you
don’t lock the doors, somebody can get in,
even if you have dead bolts and all kinds of
He cited a company that put its data in the
cloud but “then basically left their keys to the
data completely unsecured.
“Not surprisingly, they had their Internet
property stolen because they left their keys
open and in the clear,” Page said. “Even
though they put the security on, they didn’t
use it and paid the price.”
Some providers of cloud solutions say the
situation has reversed to the point where the
cloud is arguably more secure than installed
TreasuryXpress’ Rahal said cloud providers
can roll out any type of security a corporate
customer could desire.
“If you’re using Google or Microsoft
Azure, they have all the certifications,” he
said. “Any firewall you want or security
policy you want to apply, it’s already there.
Just check the box.”
Reval’s Pettinato pointed out that the
centralized nature of cloud technology lets
providers respond quickly to cyber threats.
“When there’s something that happens
and we have to make a change or an
adjustment, or even an evaluation [of]
‘Is my environment secure?’ we can do it
immediately; it’s a one-to-many model,” he
said. “If I was responding to that client by
client, it could take me weeks or months, and
by the time I was through we’d be on to the
Cloud providers also have an advantage
because they’re dealing with security not just
at the infrastructure level but for software
as well. “Having the provider think about
it holistically, both from infrastructure and
software, where the technologies are married
together to secure clients’ data and prevent
intrusions, is very, very important, and
having a cloud solution like this is the only
way to really do that,” Pettinato said.
You’re not spending any time worrying about
hardware, software, setting up security—
that’s all managed by the vendors.
—PHILIP PETTINATO, REVAL
—ANIS RAHAL, TREASURYXPRESS