Secure IT Process Automation – Dream or Reality?
Mark Warren
Is it possible to automate IT tasks, improve security and improve customer service?
IT Help Desks have always been under stress but perhaps never as much as today.
There are plenty of reasons why: increasing complexity of systems, higher end-user expectations, business initiatives and, of course, the need to improve security and resilience.
Traditional IT Automation isn’t fit for purpose
Traditional solutions to improve help desk service have usually relied on some kind automation. Of course, that makes sense as there’s little point in repeatedly performing the same manual tasks. Unfortunately, that automation has also introduced new problems. Scripts were created in many different languages and only the author might know they exist let alone what they do. More importantly, those scripts would have difficulty driving vital shared services or devices using administrator user names and passwords. In the worst cases these credentials might even be included in the scripts and becoming a major security vulnerability.
Gartner have identified what they call “IT Process Automation (ITPA)” as the group of tools to co-ordinate, sequence and orchestrate service delivery across multiple IT functions. But, they also point out,” they remain aspirational automation targets for most I&O leaders, who are focused on task-level automation.” That “aspirational” tag is critical – most IT teams want better automation, but few can achieve it.
The Solution is Privileged IT Process Automation
There is now a better way – a new solution from Osirium called Privileged Process Automation (PPA). Privileged Task Automation has always been a key part of Osirium’s Privileged Access Management (PAM) solution. For many Osirium customers, PPA, as it’s known, saves them many hours every day and hundreds of days every year. Indeed, Gartner highlighted the strengths of Osirium’s task automation in their recent PAM Magic Quadrant.
But, PTM is not the complete solution. Many IT tasks, for example, new joiners or updating security policies across multiple devices, need changes in many systems. That usually means aligning several experts to complete a task along with the complexity of managing multiple sets of privileged account credentials.
Osirium CTO Andy Harris wrote an excellent blog on the topic of automation and privileged access.
How PPA is different
PPA takes a new approach to automating IT processes. The PPA architecture is built from the ground up to be ready for privileged systems access. It’s integrated with Osirium PAM to use those privileged credentials. Alternative password vaults can be used if one is already in place (by default, HashiCorp vault is supported, but others are easily added).
As might be expected, at the heart of PPA is a workflow engine. This is built using modern containerisation technology to create highly flexible, and scalable workflows. Importantly, it also means containers are transitory, so privileged credentials are never exposed unnecessarily.
Finally, PPA provides “human guided automation.” Users can provide information such as a help desk ticket ID or validate data returned from a service before completing a task. For example, they confirm which user’s account needs to be updated before making a change.
Moving beyond traditional IT
Early adopters of PPA have reported massive gains in productivity. Initial use cases have included common tasks such as creating new user accounts or unlocking user accounts. They may seem like small tasks but are frequently repeated so sucking up valuable IT resources. We’re also seeing complex tasks that previously needed 2nd or 3rd level administrators to complete now being delegated to first-line support engineers.
Some are even starting to consider how to move PPA out into their business. For example, letting HR teams access PPA directly to drive the new joiner process rather than raising a request with the IT team. That could be considered the ultimate goal of many IT teams’ initiatives to “shift left” service requests.
But this is only the first release of PPA. The core technology shows much promise in the realms of DevOps, IoT and business process automation.
Summing up, there may never be a time when IT Help Desks are not under stress but, with secure, flexible automation like PPA, they should be spending more of their time on high-value tasks, and end-users will have faster turnaround on their requests.
