New company HR system has me worried?

glenimp617 · 1 Nov 2021 at 18:44

We have tendered for a new company HR system which is to be outsourced and externally managed.

I've not had anything to do with the project so far, but just been asked to cast my eye over the proposal.

I'm a bit worried to be honest. It looks like the HR software runs on windows server, connected to a windows SQL server. Access to be done over RDS. This strikes me as being a bit year 2000. I've nothing against windows at all, don't get me wrong. Just seems very strange our users are logging in to another domain over RDS to access the HR system.

Surely these days the backend is stuck on azure/aws app and storage pools and users just connect in via a browser.

Maybe this is the norm? just strikes me as being a bit odd is all.

If this is what it is, we might as well host it ourselves.

Throrik · 1 Nov 2021 at 23:00

HR Systems are very often very 2000. Unfortunately.

gpuerrilla · 1 Nov 2021 at 23:31

Yes, HR systems suck from what I gather. Our work system is definitely 2000, it got an 'upgrade' recently by the third party and still looks very 2000 lol.

It is however all cloud based so not sure teleporting back to self hosted servers and windows stuff unless your own company requirements has forced that tbf.

Hyburnate · 1 Nov 2021 at 23:59

A tender for a system that relies on IT, carried out and awarded without IT involvement... this sounds very public sector.

glenimp617 · 2 Nov 2021 at 07:57

Hyburnate said:
A tender for a system that relies on IT, carried out and awarded without IT involvement... this sounds very public sector.

it is

It does make me wonder considering we already have our own decent infrastructure with RDS (inc MFA on it), why we don't host the damn thing ourselves.

The document even had pages all about windows updates and when they rebooted the servers. It all seemed very strange indeed.

glenimp617 · 2 Nov 2021 at 08:10

ok, so small update this morning already. Despite my email yesterday, the contract has just been signed and I have to now get involved to ensure it's all ok.

Hyburnate · 2 Nov 2021 at 08:21

TheOracle said:
ok, so small update this morning already. Despite my email yesterday, the contract has just been signed and I have to now get involved to ensure it's all ok.

All of our thoughts are with you at this time.

For what it's worth, 99% of HR systems are awful. In fact most things that aren't related to IT are awful, we had a system our accounts used to transfer payroll data without MFA??

glenimp617 · 2 Nov 2021 at 08:26

Hyburnate said:
All of our thoughts are with you at this time.

For what it's worth, 99% of HR systems are awful. In fact most things that aren't related to IT are awful, we had a system our accounts used to transfer payroll data without MFA??

our finance system runs on JAVA 6. They won't upgrade it either.

gpuerrilla · 2 Nov 2021 at 08:31

Hyburnate said:
All of our thoughts are with you at this time.

This

#Chri5# · 2 Nov 2021 at 09:27

TheOracle said:
ok, so small update this morning already. Despite my email yesterday, the contract has just been signed and I have to now get involved to ensure it's all ok.

At this point you find it's just plain RDP exposed to the entire Internet...

Deleted member 77746 · 2 Nov 2021 at 09:31

TheOracle said:
ok, so small update this morning already. Despite my email yesterday, the contract has just been signed and I have to now get involved to ensure it's all ok.

Just smile, nod your head like a church hill nodding dog and finish the job. You wasn't the one who agreed to it and signed it off.

#Chri5# said:
At this point you find it's just plain RDP exposed to the entire Internet...

I hope it's not.

glenimp617 · 2 Nov 2021 at 09:34

#Chri5# said:
At this point you find it's just plain RDP exposed to the entire Internet...

Oh no doubt, I'll be testing that before saying anything

ubern00b · 3 Nov 2021 at 11:51

And users will need to be local admins for it to work...

Berserker · 9 Nov 2021 at 10:21

As others have said, RDP and/or Citrix are still very common even in large enterprises, so nothing about this surprises me in the public sector. That's far from the worst of it though - I know of at least one office building that was, until a few years ago, reliant on Windows 3.1 for a building management system. Java didn't even exist back then!

Deleted member 77746 · 9 Nov 2021 at 10:26

ubern00b said:
And users will need to be local admins for it to work...

Nasty.

jfish · 10 Nov 2021 at 14:55

nothing new, I know one major financial institute who provide access to a full desktop on a server (via Citrix VDA) to run applications.