How automation can lead to improved security for workflow management

Technologies developed for business use can be expensive and may require significant time and effort to implement, negating the reason for their implementation in the first place.

Where there are frequent requests for account changes, additional access or physical resources, the efforts can be time-consuming. While organisations may believe they are able to manually facilitate all of the requests and that their process is functional, there are several downfalls that they may not realise are creating issues. These include problems like errors and security issues.

It is not always ensured that the correct people gave permission and users can accidentally be given access to systems and applications that they shouldn’t have. Additionally, the organisation has no way of knowing who requested what and who has access to which systems and applications.

A lower level employee might ask a manager or the IT department for access to certain, secure systems. That IT employee might not have the authority to give out access and accidentally give permissions to a system that the lower level employee should not be accessing.

What is workflow management and how can it improve security and efficiency?

Workflow management is a controlled, automated process with a defined sequence of tasks that can replace an otherwise manual process performed by multiple people. This allows for a streamlined and efficient process for employee requests.

So how can this help with ensuring security and efficiency? Using a web portal, employees can easily request access to anything they need (applications, name changes, mailboxes, distribution lists, etc.). A workflow is set up by the organisation so that when a user requests a change, the request then goes through a predefined sequence of personnel who need to approve it before the change is implemented. The workflow can be set up in any manner that the organisation requires.

Depending on the user and what they request, the process goes through a certain order. Managers can also easily carry out a multitude of management tasks themselves, such as managing temporary log-ins, administering rights to shares and distribution groups, requesting new user accounts and password management tasks such as resetting passwords. Having a workflow in place leads to consistent processes. This also means that nothing is getting mis-communicated or lost.

Additionally, it ensures that the correct people are giving permission so that there is no misunderstanding and the end user is not receiving or gaining access to a system that they should be restricted from. A manager simply clicks that they either approve and the process either moves along or stops. If there is a denial, the ability to give reasons is also provided so the employee has an understanding of why the request was denied.

This makes the entire company more efficient by streamlining requests so that employees know exactly what needs to be done to get their change approved.

Innovation in workflow

While workflow management can be extremely helpful, there have been innovations that have made the implementation and management that much easier for organisations. One of the newer innovations is the ability to easily customise the workflows. While workflow management can be enormously beneficial for end users, it can be a bit difficult for the system administrator to set up if the workflow is a bit more complicated than a single level of approval. It often requires a consultant from the software company to help the system admin to customise exactly how it should be structured.

If, for example, the organisation needs a complex workflow set up where they may require a request to branch out into two separate requests that need to be approved, or a request may require two levels of approval before it should be carried out. The greater the customisation and complexity that is needed to make the workflow functional, the more time consuming it can be to set up the workflow.

System admins want to make workflow easier for the end user, but do not want to spend months setting it up. Some software companies offer the innovative ability of a drag and drop interface to set up the workflow. The system admin can easily create a flow chart with different nodes to represent the action that needs to be taken after a request is made by an end user. They can drag and drop “action” nodes for active process, and “passive” for those in which no action is being taken, such as a request waiting for approval, or waiting to process a request. This makes it extremely easy for the system admin to develop a flow chart and visually see the process that each request needs to go through. This means the admin needs minimal programming skills to be able to easily create the workflow and can then easily export and import the workflow between development and production environments.

While this drastically reduces the difficulty of setting up a workflow, it also reduces the time and money involved. The organisation can implement a workflow much more quickly than they would have without a drag and drop interface. Additionally, this makes the cost of implementation that much lower as the consulting time required is significantly reduced.

Example

A good example is if an employee makes a requests for a new administrator account. This type of account, since it has high privileges, usually requires more than one level approval to be created. The workflow can be set up so that when a user requests this type of account, a notification is automatically sent to an IT manager and also the CIO. Both approvals are necessary before the account creation actually occurs. When both approvals are given, the account is then automatically created as the final step of the workflow process.

Another example is if a manager is requesting a new account be created for one of their new employees. This manager may send a request for a new account and also check a box that says the user also needs access to SAP with specific role requirements. The workflow can be set up to automatically create two approvals from that one account request. One would be sent for approval of the new Active Directory account and the other for the SAP account. These are two independent requests, so when each is approved the accounts are created automatically as the last step of the workflow.

These examples show how a drag and drop interface can assist with easily creating more advanced workflows. Organisations are able to implement a workflow that can ensure security by requiring approval from more than one person, or create accounts in different systems with one originating request, while not needing to spend a great deal of time implementing the workflow.  

Dean Wiech, managing director of Tools4ever

Image Credit: wavebreakmedia / Shutterstock