em360tech image

Automation is not only transformative for business productivity, but can drive improved security, so it pays to take another look at how IT automation can be applied in cybersecurity.

Privileged Access Management (PAM) protects how people access vital IT systems; Privileged Endpoint Management (PEM) reduces risk by protecting what users can do on their workstations. Both are critical in modern defence against ransomware and other attacks. The first controls who has access to what systems and with what level of access. Endpoint management reduces the risk when needing administrator privileges on local workstations. Both are important but a missing link in many cybersecurity strategies is controlling the work being done while using that privileged, or elevated, access. That’s where automation comes in.

According to McKinsey, automation has become a strategic priority for business success, especially when they use automation to put humans more 'in the loop' - informing them better - breaking down siloes and enabling scale-up.

Yet automation hasn’t been as broadly adopted for IT operations as one might think, partly due to perceptions that automation is more about cost saving, but also that it could actually introduce, rather than reduce, risks. This phenomenon has frequently been seen in relation to cybersecurity systems - which are often seen as blockers to productivity, whether in the SMB or at enterprise level as teams devote headspace and precious minutes to managing the cybersecurity requirement.

According to recent independent research commissioned by Osirium, 92 percent of respondents overall see the value in delegating IT tasks from admins to the helpdesk or end-users, but less than half (43%) delegate most of their work at present, with risk being the most common reason for not delegating more.

Yet this doesn’t have to be the case: with secure process automation of IT operations that require privileged access, cost and risk can be reduced while improving productivity. Almost as importantly, it can also deliver improved service for end-users.

Layering one traditional tool upon another and adding yet another solution to cope with the evolutions in the cyberthreat landscape simply adds complexity, and when systems are so complex and multivariate, they typically also become more difficult to manage, even for highly experienced professional staff. This means that, ultimately, they become a source of weakness rather than strength.

Think about it: if you personally had to perform all the manual tasks needed to start your car every day - disconnecting the immobiliser, prime the fuel pump, set the choke, connect the starter motor to the battery, start the starter motor, check for engine running, disconnect the starter, and the like - how long would it take you to get to work?

If you make mistakes in the task itself or the sequence required, you will struggle to go anywhere fast (or slow, for that matter).

The analogous helpdesk

By comparison, the typical IT helpdesk performs many simple tasks, like resetting user passwords and unlocking user accounts over and over again. Multiple actions are involved, from verifying genuine requests to accessing the user management console to navigate to specific user accounts, which must then typically be validated - all before actually resetting the password and notifying the users.

Delays in implementing these seemingly simple requests can impact the business directly. Even worse, if errors are made while making the changes (it’s a busy human being doing the work and even the most experienced admin can make mistakes) then security risks can arise such as granting a user access to more systems than they need.

IT admins may already be using automation using scripts, but they often rely on their own toolsets to do so - often, only they know those tools exist and what they do, and user credentials are sometimes included in the scripts to save even more time. Some IT teams have adopted Robotic Process Automation (RPA), but this may only be applicable to a limited number of IT tasks.

Automation not only reduces the chances of human error but also means admins can confidently delegate tasks, allowing staff to focus on requirements that draw from their own specific skillsets.

It follows that automating processes that need privileged access can be the missing link in a very high proportion of organisations, not least because relying on traditional tools has become counter-productive - resulting in environments that are too complex and  difficult to manage. Greater benefits can accrue, too, when cybersecurity and automation technology can be combined and requirements streamlined with a built-for-the-job Privileged Protection and Automation solution.

Automation can be key, not only to improve security, but transform IT and business operations, reducing workloads and boosting user satisfaction, by freeing up resources to redeploy towards achieving core business objectives and growth.

Mark Warren, Product Specialist, Osirium