4
April 2018
Robotic Process Automation (RPA) and Task Automation
Andy Harris
Robotic Process Automation (RPA) is a hot topic redolent of 1984 and SciFi cinema, but here at Osirium, we’ve been offering automation functionality within our solutions for more than eight years in our Privileged Task Management module.
Experience across multiple clients has helped us learn exactly what RPA means for your business and where it can add value to your development lifecycles.
RPA is a way of using software robots to automate routine, repetitive processes across your organisation. Because of the promise to reduce payroll costs, improve customer service and allow businesses to focus on high-value, competitive activities, searches for Robotic Task Automation and RPA prompted more than two thousand Google searches in the last year. This makes it of equal interest to Privileged Access Management.
In Osirium’s world of Privileged Access Management, an example of RPA would be automating Network Switch Port Assignments. Errors in such tasks, such as spelling mistakes or errant commas, can cause significant disruption and security breaches. Automating these tasks puts a virtual, tireless, error-free and cheap workforce at your disposal. But, before we all start envisaging CyberMen, alienated staff and artificial intelligence, let’s take a reality check.
With RPA software potentially used to connect multiple business applications, it follows that the software will need access to Privileged Accounts to gain access and swap information. With third parties and your own IT teams continually deploying and configuring these robots in response to business need, Robotic software will quickly become a significant risk for enterprise security. Remember, regardless of attack origin, leveraging privileged accounts is a critical success factor for attackers in 100% of all advanced attacks.
It follows then that any firm considering a robotic software project must also plan to include a robust Privileged Access solution. Osirium, with its emphasis on separating people from passwords, will enable your development teams to harness the power of robotic software without allowing malicious insiders to corrupt the robotic tasks or steal credentials and customer data.
Not only can Osirium Automation function as a critical software adjunct to Robotic Software Deployments such as Chef, Puppet and Ansible, but it has its own task automation built in. DevOps and SysAdmins can use our simple template language to automate tasks that are carried out by a privileged user, such as service restarts or password resets. These tasks can be configured within minutes, tested and then deployed and monitored.
Automating such tasks improves productivity, allowing high-value staff to concentrate on activities that generate business value. Furthermore, automation also acts as an extra way of securing your business by removing even more processes that involve exposure to vulnerable accounts from human control. Every automated process is audited and reported – reducing compliance burden and allowing management teams to identify errors swiftly.
In the real world, DevOps is not static: projects are planned, implemented, refined, and eventually decommissioned. Osirium PAM is a cost-effective way of providing support for the security needs every step of this journey.
Many of our customers start with Osirium’s Third Party Access functionality – protecting new development projects from the threat posed by new vendor partners and contractors. Once established, the inbuilt automation functionality can be used for ‘business as usual’ and administrative tasks that are central to the operational lifetime of a business system. Enterprise Class Password Lifecycle Management reduces both the operational cost and risks of your software projects. GDPR compliance with respect to data access is strongly enforced.
At the end of the project lifecycle, PAM makes it simple and fast to understand exactly which user accounts remain in use or require de-provisioning. Decommissioning of a software project is often overlooked despite posing a latent risk. Once complete, it’s time even for the robots to be retired.