I had the opposite experience
Big company had an outsourced payroll system which required a server on the corporate network to have a very special (poorly locked down) configuration, and for the outsourced payroll company to use a shared login to access it monthly. Terrible topography, unforgivably bad, but that's what happens when you let HR manager their own IT and bring in their own contractors.
Anyway, this thing was badly out of date, a massive security risk, and the company (a very, very big computer company) main IT security branch were on the warpath having a tidy up after a lot of lines of core product code were stolen. The hardware was on expensive extended warranty, the server took loads of rack space and needed attention. Turned out this "critical" system was just to allow a few thousand people electronic access to their payslips. Many would anyway print a copy on the company's printers.
For less than the price of the warranty, security violation special monitoring, rack space and power let alone license fee and development time, I worked out that we could print and post all the payslips directly to everybody's homes each month. This was turned down for appearances sake for a tech company!! They would rather pour money into a shit old system breaching all security guidelines, create extra policy work for everyone, all sorts out of embarrassment.