Posts

4 Steps to Master Intelligent Process Automation

Intelligent process automation is transforming the global economy, delivering momentous gains to enterprises that adopt it at scale. One article by McKinsey revealed that some organizations have been able to automate 50 to 70 percent of their workflows, generating ROI that reaches into the triple-digits. In addition to cutting costs, intelligent process automation can also deliver precision, speed and enhanced customer experience.

In order for organizations to enjoy the full value of intelligent automation, IT leaders must be willing to take a guiding role. Unfortunately, many IT executives find this challenging, whether due to the increased complexity of IT processes, lack of understanding and/or clarity, inconsistent or fragmented tools that hinder scaling, or the misconception that intelligent process automation cannot be adopted without major re-engineering of existing processes.

How can these challenges be overcome? And how can IT leaders succeed in their automation initiatives? The answer to these questions lies in the following four key steps along the intelligent process automation journey.

Step 1: Evaluate the high-level potential value

The first step in becoming an intelligent process automation leader starts with the development of a clear business case. This involves assessing the potential high-level value of the company’s main IT activities. Some examples of what these areas of value might look like include:

Incident Response – A significant number of IT incidents are initiated through support desk requests. These typically result in tickets being created and assigned to Level 1 support agents. While these are the obvious candidates for automation, the portion of tickets that are escalated to specialized L2 and L3 agents are also ripe for the picking, thanks to the advanced technology behind intelligent process automation. And since these activities are generally well-documented, categorizing and prioritizing them by automation potential should be relatively straightforward.

Planned Activities – In addition to the one-offs and unexpected support tickets that crop up, IT is also responsible for performing a number of planned activities on a regular basis. These activities typically include things like backups, upgrades and patching. They may also involve more complex security audits. The amount of time and resources required to perform these duties can collectively add up to around 20 percent of the IT budget. Calculating this figure can help determine the potential savings intelligent process automation can deliver.

Introducing New Applications – From a business perspective, this activity is often viewed as the one that produces the most significant value. It can also account for an additional 20 to 40 percent of the time and resources put forth by IT. These activities are not exclusive of application development, either. They also include such tasks as testing and hosting. This places increasing demand on both the application team as well as the infrastructure group.

Step 2: Dig deeper to identify which specific use cases are best suited for intelligent automation.

Determining how to effectively implement intelligent process automation requires a deep dive to uncover the root causes of issues. It may also involve the untangling of complex systems and the development of an accurate picture of how to leverage automation to extract the greatest value. In other words, the process is a complicated one and requires a certain degree of commitment. Let’s take the three potential use cases above as an example.

Incident Response

Automating IR begins with identifying which incidents are the best candidates, which can be challenging. The goal should always be digging deep enough to uncover the “why” of documented incidents. Without this information, efforts are futile. Text-mining can help by automatically reading ticket descriptions and extracting the necessary insights to sort them into three categories:

  • Automatable
  • Requires machine learning
  • Highly cognitive/manual

This analysis should leave you with a prioritized list of incidents to automate and the type of automation best suited for the job.

Planned Activities

Most enterprise-grade IT departments rely on industry-standard tools to manage their infrastructures. Unfortunately, due to factors such as advanced customization, adjustments due to mergers and specific user requirements, managing these systems often requires a significant amount of manual effort, diminishing the overall value.

For instance, despite the widespread adoption of infrastructure and application monitoring tools, support teams are often unable to respond effectively to the logs being generated, either because there are too many of them or because of the many reasons why they are being generated in the first place. As a result, IT leaders are often unclear on how to approach intelligent process automation implementation.

In situations such as this, machine learning technology can be “trained’ to identify the reasons behind alerts and then either recommend or autonomously make better decisions on which action to take. This eliminates much of the complexity for the IT team.

Introducing New Applications

Many IT executives fall into the trap of focusing solely on the reduction of manual labor. As a result, they fail to see and achieve the full value potential of intelligent process automation. Faster and more accurate delivery of applications requires the development and design of a new operating model, with an emphasis on DevOps and agile.

Reviewing this entire process to gain an understanding of how to make the most use of this new operating model can result in entirely new approaches to work. Intelligent process automation can facilitate some of these new ways of working. For instance, automating the testing process will enable applications teams to iterate more quickly. Likewise, developing a self-service model for things like automated server provisioning allows the operations team to become more responsive. The list goes on.

Step 3: Execute your proof of concept

In order to demonstrate the true value and validate your case for intelligent automation, the next critical step is executing a proof of concept. A great place to start with this is incident management. Organizations that have successfully deployed intelligent process automation for incident management have been able to achieve substantial cost savings in a relatively short period of time.

Thankfully, there are many different incidents that can quickly and easily be automated to support your proof of concept, including such tasks as password resets and employee onboarding. In its most basic form, a proof of concept requires the following:

  • Collaboration with subject matter experts to identify where automation can best be applied and understand all the steps and systems involved in a particular process or workflow.
  • Careful selection of an intelligent automation platform. Look specifically for products that can be integrated with existing systems and applications and offers pre-packaged, no-code options. (This will enable rapid adoption and time-to-value.)
  • Obtaining necessary IT and overall business approvals with regard to regulatory constraints, security guidelines and access limitations.
  • Ongoing testing and monitoring to capture results and document value

This phase is also an ideal time to consider building stronger internal intelligent automation capabilities; for example, developing a team to spearhead a future automation center of excellence (CoE). This team will ultimately become the foundation and engine that drives all IPA initiatives.

Step 4: Build intelligent automation capabilities to scale

Achieving the full benefits of intelligent automation requires the development and nurturing of certain skills and capabilities, in addition to rolling out an entirely new company-wide culture. This is essential as successful adoption of IPA requires that automation become embedded into the very heart of the organization itself. There are plenty of ways to accomplish this, but generally speaking, companies that have been successful have done the following three things:

Build on success to expand into new areas of IT (and beyond).

Once the basic tasks and workflows have been automated, it’s time to move on to more advanced level-2 and level-3 activities. The IT team should be expanding beyond incidents to begin leveraging the AI and machine learning technologies to assist with things like analytics and decision support. The goal is to eventually roll out intelligent process automation to as many routine and complex processes as possible.

Spread the word.

With a strong foundation of capabilities and experience, IT leaders can begin to position themselves as subject matter experts for the rest of the organization. This process involves continued outreach, such as connecting with other leaders across the enterprise to advise them of the specific benefits IPA can have for them. This outreach also provides the opportunity to identify additional areas where automation might be beneficial.

Explore the advanced elements of intelligent automation.

While the majority of organizations have thus far only focused primarily on simple process automation, the future belongs to those with an eye toward artificial intelligence and cognitive learning. These solutions are already making an impact on companies with forward-thinking leaders. The best way to break into this arena is to start working on small AI initiatives. From there, just like basic automation, you can continue to build, expand and grow.

Intelligent process automation is maturing rapidly and quickly becoming a core component of the IT landscape. IT professionals who recognize the importance and understand how to develop their automation capabilities have the potential to become respected leaders in the process – a title that will serve them well throughout their careers.

cio guide to operational efficiency

How Intelligent Process Automation Can Help You Scale at a Moment’s Notice

Imagine how much your organization could accomplish if you had an army of employees at your disposal. More importantly, what if these employees were perfectly happy waiting in the background for the next time you needed them? That’s essentially what you’ll get with intelligent process automation. Let’s take a look at the surprising way AI can provide your business with the scalability you need to stay on top of your game.

Instant Access

With human workers, it’s not feasible to drastically increase your workforce whenever the need arises, nor is it easy to decrease your numbers when things get slow. There’s a complicated process behind all of this and time is not on your side. With intelligent process automation, however, you have a team of AI-powered robots who are ready, willing and able to get the job done at the flip of a switch.

Consistency

Bringing different employees up to speed via on-boarding and training can be challenging and time-consuming, especially in today’s fast-paced, digital age. Not to mention the fact that you have to initiate the entire process over again every time someone new joins the team. Intelligent robots, on the other hand, can be “trained” in groups of any size with the outcome being routine and perfect consistency across the board.

Cost Savings

Recruiting, hiring, training and retaining talented employees costs money. In addition to intelligent automation providing the ability to scale up or scale down instantly as well as train and deploy thousands of bots while maintaining complete consistency, all of this can be done at a reduced cost to the business.

Now, let’s take a look at a few real-world applications that put these benefits into action.

Scenario 1

Your business is launching a new product or service and, as a result, will incur a substantial increase in transactions. Your current workforce is already maxed out and you don’t have the time or the ability to hire any additional employees. Intelligent process automation can step in and bridge the gap, handling the influx of work at any capacity necessary without the major hassle and expense of staffing. Then, once things settle down, you can scale back down to normal as needed.

Scenario 2

Business has been particularly lucrative as of late and you’ve had to increase output significantly to meet the increased demands of your customers. Suddenly, the market takes a turn for the worse and your numbers start to rapidly decline. With intelligent process automation in place, you won’t have to face the possibility of laying employees off. Rather, you could just scale back the number of robots you’re deploying.

Scenario 3

One of your biggest competitors has launched a new product or service and you’re scrambling to develop and implement something similar. Chances are you can’t afford to hire a slew of new employees to help bring your comparable product or service to market. Besides, doing so would take too long. But, putting too much pressure on existing team members could result in costly mistakes and QA issues. Intelligent process automation, on the other hand, is available at the ready to take on whatever is necessary for you to remain competitive.

Without question, intelligent process automation has the potential to bring your business to the next level. Are you ready? Give us a call today or download your free 30 trial now to get started.

How to Automate Investigation of Active Directory Security Breaches

Author: Guy Nadivi

It’s estimated that 90% of organizations around the world use Active Directory as their primary identity service for authentication and authorization. Hackers know this, which is why Active Directory has become one of their favorite targets. Of course, it isn’t just hackers looking for vulnerabilities in order to gain access to your network resources. It’s also insiders.

Regardless of whether your attacker is external or internal, if successful, they can cause enormous damage to your enterprise, both financial and reputational. Automation can help accelerate investigation of these security breaches, and as a result, greatly reduce an organization’s exposure from attacks on corporate Active Directory deployments.

What makes Active Directory so popular among organizations?

One obvious thing is that it’s published by Microsoft, which makes Active Directory the default choice for Windows environments.

Active Directory is also very configurable and customizable, making it popular for organizations with very specific identity access requirements.

Additionally, Active Directory is very adept at centralizing management of compute resources and identity access, which eases the administrative burden on technical staff. A major benefit!

Finally, it’s fairly easy to manage Active Directory since it has a familiar Windows interface.

It turns out though that all the same benefits which make Active Directory so popular with System Administrators, also makes it popular with a couple of other demographics.

I’m referring of course to outside hackers, working either as individuals, or as part of crime syndicates, or even under state sponsorship from an adversarial nation.

Increasingly, Active Directory is also being targeted by disgruntled employees, or insiders motivated to commit harm against YOUR organization. One spectacular recent example of that is Edward Snowden, the former NSA employee who stole hundreds of thousands of incredibly sensitive classified documents that were subsequently leaked to the public. His case illustrates what can happen to an organization even as hyper-security conscious as the NSA if it focuses too much on defending against outsiders – it gets blindsided by an insider.

There are many best practices that security experts recommend to protect your Active Directory from people with nefarious intentions like outside hackers or disgruntled employees. I won’t go into depth about those recommendations, but I do want to mention one you’re probably already familiar with that’s very important: Least-Privilege Administrative Model.

This is the principle of restricting access rights for users, accounts, and computing processes to just the resources absolutely required to perform their job. For example, if all a particular user needs for their function is to read documents, then there’s no need to also give them access to write documents.

That’s why the Least-Privilege Administrative model is considered a simple concept that’s easy to understand.

If you implement the Least-Privilege Administrative model, it’s going to be effective at reducing risk for your enterprise, which in turn will increase security. Sounds great so far, right?

As it turns out though, the Least-Privilege Administrative model is rarely implemented by organizations. Despite the general consensus about its positive benefits, it’s considered too difficult and tedious to actually use.

Coincidentally, I found an interesting quote about implementing least-privilege administrative models in a document published by the organization which knows better than anyone about Active Directory’s security vulnerabilities – Microsoft!

The first part of the document reads “…..in assessing Active Directory installations, we invariably find excessive numbers of accounts that have been granted rights and permissions far beyond those required to perform day-to-day work.”

A little further down in this document it talks about the sophistication of those attacking Active Directory and says “Unfortunately, the path of least resistance in many environments has proven to be the overuse of accounts with broad and deep privilege.”

If you’re interested, and especially if you’re tasked with securing Active Directory, I recommend reading this Microsoft document yourself (“Implementing Least-Privilege Administrative Models”).

Those administrating Active Directory as part of their job role know that implementing the Least-Privilege Administrative Model is the best option in terms of effectiveness, but it’s also difficult to implement. What then should one do?

Ayehu proposes that you consider a modified Least-Privilege Administrative Model that applies to all administrator accounts, and relies on automation to ensure strict compliance.

How would that work? Conceptually something like this.

In Active Directory, there would be tiers of privilege for various administrative accounts based on the tasks a given administrator type would need to carry out. However, in accordance with our model, those accounts would receive the least amount of privilege needed to accomplish those tasks, and nothing more. Every administrator account would then be assigned to a given tier.

Ayehu’s automation platform would integrate with Active Directory to automate much of the enforcement of these strict tiers.

When there is any movement between the tiers, or even a new account created, Ayehu would provide automated detection, investigation, and triage services to the appropriately designated SysAdmin via a simple Slack interface, and would furthermore document all of this activity in a standard ServiceNow ticket.

If implementing a full Least-Privilege Administrative model is impractical at your organization, using this approach allows you to at least deploy it for your admin accounts. That way, you can leverage Ayehu’s enterprise-grade automation to tie together all these components into an effective unified defense for Active Directory.

With an estimated 90% of organizations using Active Directory as their primary identity service for authentication and authorization, it’s just a fact of life that AD is going to be under relentless assault, from both external and internal attack.

There is no one solution that can completely protect Active Directory from all the different angles those attacks vector in from. However, automation does have a role to play as an important defensive tool for Active Directory by making implementation of a modified Least-Privilege Administrative model for your admin accounts a far more feasible option than it might otherwise be.

If you’re interested in test driving Ayehu NG and seeing how it can help secure your Active Directory deployment, please visit our website and download your very own free 30-day trial version today by clicking here.

Automating Remediation of Splunk Alerts with Ayehu

Author: Guy Nadivi

Many of our customers use Splunk, the market leader in their space. Due to the large volume of alerts Splunk generates, we often get asked how Ayehu can help offset some of the laborious manual work involved in remediating those alerts. We’re going to answer that question with a great use case many of you will find very familiar – freeing up disk space on a server (with a slight twist).

Remediating low disk space is on our list of top 10 highest value automation use cases. Ayehu can automate the toil out of that particular process using a combination of Splunk, ServiceNow, Slack, and Ayehu NG.

Let’s talk a bit about Splunk. It will come as no surprise to most of you that Splunk continues to be a market leader in its category. Here’s Gartner’s 2020 Magic Quadrant for the SIEM market showing Splunk just edging out IBM as the highest entry in that upper rightmost LEADERS square.

Just in case it’s difficult to read, the y-axis where they’re higher than everyone is a measurement of Ability to Execute.

The x-axis measures vendors by their Completeness of Vision, and Splunk’s doing pretty good on that metric as well.

This is clearly one reason Splunk is viewed as a market leader.

Being a market leader often translates into higher market share. Not surprisingly, Splunk is now #1 in market share with 16.5%. They recently dethroned IBM which is #2 with 13.2%. And rounding out the top 3 is Microsoft with 8.4%.

As of the end of Fiscal Year 2019, Splunk reports 19,400 customers.

According to Gartner, Splunk has an astounding 30.4% growth rate.

And 92 of the Fortune 100 are Splunk customers.

The reason Splunk is doing so well, as a lot of you already know, is because they’re great with machine data.

Splunk captures data, from logs, web servers, and lots of other places. Then it indexes that data to facilitate flexible searching and fast data retrieval. Splunk can then begin to correlate that data, which will often reveal relationships between seemingly unrelated events, and help accelerate root cause analysis. Splunk can also visualize this data into dashboards, graphs, and other outputs.

However, the biggest output from Splunk that most people in IT operations are probably familiar with is the alerts. Boy, oh boy can Splunk generate a lot of alerts!

And you know what that often leads to? Alert fatigue. Let’s face it, prior to the pandemic your service desk was already pretty overwhelmed. Now with the added burden of everyone working from home, they’re having a hard time keeping up.

Just how serious is alert fatigue? I’m going to address that with this brief quote:

‘There are too many security alerts coming in, and not enough people and time to deal with them all. In fact, approximately 64% of security tickets generated per day are not being worked. Let that sink in. The majority of security alerts received by security teams are not being analyzed and resolved. This is the essence of “alert fatigue”.’

And who is that quote from? Splunk themselves. They posted those exact words on their website earlier this year (Splunk Blogs – January 17, 2020).

Now this is a quote specifically about security tickets, but everyone knows it’s the exact same story in network operations where you have alerts flying at you from every direction 24×7.

The solution to alert fatigue, and really the solution to freeing up people from a lot of the laborious, repetitive, predictable tasks that comprise so much of IT operations, is automation.

Automation is going to:

  • Deflect tickets away from your service desk, which in turn allows technicians to focus on higher value projects
  • Reduce and/or eliminate errors which has the added benefit of reducing and/or eliminating rework, an often overlooked but significant drain on resources
  • Save time and money for the service desk, the IT department, and ultimately your organization
  • Almost certainly increase IT’s customer satisfaction scores, which is becoming an increasingly important KPI, in many cases linked directly to individual bonus compensation

BTW, many of you I’m sure are familiar with PwC also known as PricewaterhouseCoopers. They’re one of the Big Four accounting firms and 2nd largest professional services network in the world. Since March of 2020, they’ve been regularly surveying CFOs around the globe to track their sentiments in response to the COVID-19 crisis. In their most recent survey, during the weeks of June 1 and June 8 they asked 989 CFOs from 23 countries or territories around the world about their top priorities going forward.

The response from the CFOs was that “…50% report they plan to accelerate automation and new ways of working.“

So that’s the direction things are going in – automation. Actually, many of you know firsthand it was already going in that direction, but COVID-19 has unexpectedly expedited things.

Speaking of automation, Ayehu doesn’t just automate activities in Network Operations Centers.

Many of our customers use the Ayehu NG platform to also automate activities in their Security Operations Centers.

That makes sense, right? Splunk can send an alert notifying you about low disk space on a network drive, and Splunk can also send an alert that a ransomware attack is underway on a server. In both cases, that alert can come to Ayehu NG, where you can run an automated workflow, or playbook if you prefer, that automates the remediation response.

In fact, when it comes to security, many of the attacks themselves are automated, and there’s simply no way humans can respond quickly enough.

So if the attack is automated, shouldn’t the response to defend against it be automated too?

It should be, and you can automate all these kinds of things for both domains from a single pane of glass with Ayehu NG.

If you’re interested in test driving Ayehu NG and reducing alert fatigue in your organization, please visit our website and click here to download your very own free 30-day trial version today.

5 Things the Aviation Industry Can Teach Business Leaders about Being Successful with Automation

It’s not uncommon for business leaders to borrow phrases from the aviation industry when discussing their job duties. “Take charge of the cockpit,” “navigate through turbulence,” and “ensure a safe landing,” are just a few that come to mind. All of these things can also be applied within the context of digital transformation. Specifically, if you’re planning an automation initiative, here are five key things you can learn from a pilot’s point of view.

Be Prepared

In aviation, proper preparation is critical. Prior to each flight, the pilot must meticulously work through a pre-flight checklist. Is it tedious? Certainly. But it’s absolutely necessary to ensure a safe and successful journey. Similarly, business leaders must prepare well in order for their automation project to be “ready for takeoff.” In particular, they must do the legwork to develop a deep understanding of the processes and workflows they wish to improve before attempting to automate them.

Map the Journey

If a pilot were to take flight without knowing where they were heading and how best to get there, the results could be catastrophic. Likewise, it’s essential to adequately map out the specific path you intend to take for automation within your organization. This involves not only determining the processes you want to automate, but also prioritizing them to achieve quick, measurable wins. This will allow you to lay the foundation for more widespread adoption of automation in the future.

Become an Expert

A person cannot simply hop into the cockpit of a plane and fly. Being a successful pilot requires learning, practice and continuous improvement. From a business perspective, automation should never be a temporary solution. It should be fluid and evolutionary. It should focus not only on achieving the desired results as they exist currently, but also with an eye toward achieving ongoing growth and improvement. It should never just be a “set it and forget it” type of project.

Use Your Tools

The beauty of modern aircrafts is that they are loaded with advanced technology designed to assist pilots and make their jobs infinitely easier. The same can be said for the right automation platform. IT teams can and should leverage technology to help guide and support their efforts. For instance, artificial intelligence can be deployed to identify potential problems so they can be remediated right away, before they have the chance to wreak havoc. Meanwhile, machine learning and predictive analytics can be used to help business leaders make better, more data-driven decisions.

Learn from Your Mistakes

Just as every pilot will face turbulence at some point, even the most successful automation initiatives will experience a few bumps in the road. How you navigate those turbulent times will make or break the outcome. Like pilots – wise business leaders know that drawing from their past experiences will help them better handle future uncertainties. The pressure to get everything perfect the first time will be great, but acknowledging, preparing for and learning from the snags that will inevitably occur along the way.

While experience in the cockpit can teach business leaders a lot about success, winning the race for automation doesn’t require a pilot’s license. By following the five key lessons above, you should be able to coast your way to a perfect landing.

Want to see what automation can do for your organization? Download your trial of Ayehu NG today and experience the full power of intelligent automation free for 30 full days.

Looking for Quick Wins with Your Automation Project? Focus on These 5 Key Areas.

Without question, intelligent process automation has made a significant and permanent impact on the tech world. This technology has essentially provided IT professionals with the ability finally accomplish what they’ve been challenged with for decades: optimizing performance and maximizing uptime while minimizing costs. Now, routine time-consuming tasks as well as complex workflows can be streamlined and handled almost exclusively without the need for human input. In short, intelligent process automation has changed the face of IT for the better.

Just getting started and eager to see some results? Let’s take a closer look at five specific areas where intelligent process automation can produce the greatest benefit and fastest return, both for your IT department and your enterprise as a whole.

IT Unification – The old way of doing business involved individual silos and separate departments. In the digital age, the most successful organizations are the ones that are able to harness technology to break down these barriers and bridge inter-departmental gaps, effectively promoting collaboration and fostering innovation. Intelligent process automation can provide the tools necessary to achieve this type of universal organization.

IT Infrastructure – In order for a business to function cohesively across all departments, there need to be a set of streamlined and standardized procedures and technologies in place. This includes best practices, virtualization, cloud computing and more. When this type of environment is created, intelligent process automation can then provide the opportunity for your tech team to leverage their expertise and improve skill levels for the maximum benefit of the department and the company in its entirety.

IT Support – Support that is enhanced with intelligent process automation can ensure fast and incident-free roll-out, implementation and adoption of best practices. It can also improve processes, such as migrations, ensure more effective enforcement of compliance requirements and ultimately boost service levels across the board.

IT Operations – With more pressure being placed on IT professionals to not only manage their specified workflows, but also possess an in-depth understanding of overarching business practices, these workers must find a way to become better-equipped to meet these demands. Intelligent automation can help by allowing IT operations the optimal allocation of resources so that personnel can focus on furthering their education and expertise.

General Routine/Repetitive Tasks – Those every day, repetitive manual tasks that your IT department is buried under are inevitably costing your business money. Workflow and self-service automation options can alleviate this concern by taking the burden off the IT team. Not only can this vastly improve efficiency and productivity, but it can also cut costs in the long run.

With demands on IT professionals increasing at a rapid rate, the need for enhanced technological solutions has never been greater. Intelligent process automation can help your organization meet these evolving needs so you can remain competitive and achieve ongoing success, both now and well into the future.

cio guide to operational efficiency