One of the biggest issues in IT management today is a significant skills shortage, particularly when it comes to security. There will be approximately 3.5 million unfilled jobs in cybersecurity by 2021, according to Cybersecurity Ventures (opens in new tab). For each one filled, two more will open. It’s a problem that already affects nearly three-quarters of organisations (74 per cent), and IT teams are stretched thin to make up for the shortfall of workers. As a result, many important tasks, such as executing routine updates and ensuring that each endpoint is properly configured, tend to slip in lieu of shorter term priority concerns.
To ensure that the available qualified employees can handle all of the vital components of enterprise IT operations, organisations are going to have to explore new tools that make jobs easier and tasks faster to complete without skimping on security. This is where automation comes in. Automation offers teams an opportunity to offload some of the mundane, time-consuming, and even more complex tasks. By freeing up staff to concentrate on problems that absolutely require real-time human attention and decision-making, IT teams can ensure that enterprise operations hit peak efficiency and optimal security.
Automation is not an all-or-nothing prospect, however. The best way to offset the enormous demands placed on IT departments is to apply automated solutions to very specific issues. Here are five tasks organisations should consider automating for smoother IT operations.
- Forget artistry, opt for IT automation (opens in new tab)
Vulnerability assessment and remediation
With cyberattacks on the rise, organisations have to develop strategies that make it easier to find, prioritise, fix, and report on vulnerabilities. Cybersecurity Ventures predicts that by year-end ransomware will attack businesses every 14 seconds. To prevent becoming a casualty, enterprises have to scan and monitor potentially hundreds of thousands of devices. It’s simply not feasible to do that manually, despite the various standards and resources in place.
In the process of finding, assessing, and remediating vulnerabilities, time is a crucial factor. Research shows that it can take between seven to 14 days for a known vulnerability to be exploited, yet it currently takes organisations an average of 38 days to remediate vulnerabilities once they are found. This significant lag can be disastrous for enterprises both monetarily and brand-wise.
The way vulnerability management traditionally works is that once a vulnerability is identified, a service ticket is opened, and someone is expected to manually fix the issue. At the rate vulnerabilities are appearing, Fortune 1000 businesses initiate millions of tickets, completely overwhelming IT departments. Fortunately, new automated solutions not only find and assess but also can instantly remediate an estimated 80-90 per cent of vulnerabilities, solving in seconds-to-minutes what takes days or weeks to resolve manually. This allows team members to focus more of their attention on those vulnerabilities that automation cannot address and shores up risk.
- Why test automation isn’t happening like it should - and what can be done about it (opens in new tab)
The move to Windows 10 is an enormous undertaking by IT departments. We found that 72 per cent of enterprises are moving to Windows 10 because of security, but companies can’t take advantage of these features if systems aren’t configured correctly. Manually configuring endpoints and navigating the associated complexities occupies a tremendous amount of staff time. It is also why nearly a quarter of respondents don’t expect to complete migration before Microsoft officially ends support for Windows 7 on January 14, 2020. Automation designed for migration can help.
Automated solutions check to be sure hardware meets the prerequisites for migration. These solutions ensure that each endpoint is set up correctly and every machine has the right authorisations prior to its reimaging. Automating tasks like these saves countless hours and eliminates potential migration problems before they happen. Automated solutions also flag issues so that humans can evaluate and resolve them before attempting to deploy the new OS.
In addition to migration preparation, automated solutions also help with migration tasks themselves. For example, automation can provide assistance moving from BIOS to UEFI or PXE booting machines. Migrating to Windows 10 is a heavy lift, but automation can make the process more manageable.
While not as exciting on the surface as applications for vulnerability management and Windows 10 migration, there are three other areas where automation can make a substantial impact on IT operations and employee workload—the first of which is configuration management.
Teams can’t just configure their OS and applications once and forget them. Endpoints must be managed perpetually according to policies. For example, when scanning computers, someone needs to make sure that the file extensions used match corporate policy and application standards so that if anything is wrong, it gets flagged if not fixed. DNS settings also have to be correct so that devices can be communicated with properly. Issues like this fall into the mundane bucket, but configuration management is a time-consuming task. Automated solutions can do this grunt work for teams much more efficiently.
In a study conducted for ServiceNow, the Ponemon Institute found that half of the 3,000 companies it surveyed experienced one or more data breaches in the last two years, and nearly 60 per cent of those hit reported that a known vulnerability yet to be patched was responsible. Even though patching seems like a no-brainer, IT operations teams overwhelmingly report problems prioritising software updates and thus run behind on patching the ones that matter most. Underscoring this point, a separate Ponemon Institute study revealed that only 15 per cent of cybersecurity professionals believe their patching efforts are highly effective. Sixty-nine per cent scan once a month or, in some cases, even less—and you can’t find and patch vulnerabilities if you don’t scan for them.
While automating patch management won’t solve the entirety of the patching challenge—IT still has to test a patch before rolling it out—automation can reduce the sting, pushing patches to the right targets precisely when they need them. According to the study, which included global companies with more than 1,000 employees, organisations spend approximately 320 hours per week on vulnerability response, and automation requires only a fraction of human time, completing the process in hours instead of days.
Good patch management software also makes it easier for companies to follow industry best practices and comply with regulatory and internal requirements for safeguarding systems. It can provide compliance reports at the push of a button that detail which computers are/are not up to date and send notifications regarding unsuccessful patching attempts. Additionally, new features and functions, as well as support for other platforms, can accompany patches, making them all the more valuable.
And finally, there is something to be said for helping the end-user employees outside of IT. Automated solutions can take care of the little things at the endpoint that make experiences better for users. This involves executing basic tasks like periodically clearing a machine’s cache. Doing so not only speeds system performance but also ensures that any upgrades made to cached files appear. Another helpful task that can be automated easily is defragmentation. By defragging systems, programs run faster, files load quicker, and systems don’t have to work as hard to grab fragmented information, which in turn allows them to last longer. This also reduces the amount of time it takes to perform a virus scan so that any potential problems can be isolated and remediated in a fraction of the time. Additionally, automation can trigger system reboots and be queued to end processes that are draining resources unnecessarily. Older systems or those running low on RAM can be flagged for IT as well so that adjustments can be made. And virtually no employee will complain about getting a clean, new system—as long as IT can help with file transfers.
The tasks designed to enhance system performance might seem insignificant in light of all of the other priorities IT departments contend with, but if you ask IT operations staff on what duties they spend an inordinate amount of time, it’s the stuff required to maintain system performance. Fortune 1000 companies are charged with monitoring thousands of endpoints, making sure that everything runs like it should every day without causing productivity issues. Instead of addressing devices on a one-off basis, tools that automatically scan, run, and execute endpoint hygiene workflows on a scheduled basis become invaluable. Leveraging automation for performance is almost a no-brainer because these solutions remove a substantial amount of work from IT pros’ plates while keeping end users happy and productive, effectively limiting the complaints coming into IT.
At the macro level, automation has the potential to save massive amounts of time, reduce resource drain, and guard against vulnerabilities that can cost enterprises millions of dollars. On top of this, automated solutions reduce the capacity for human error that occurs when staff try to do too much or are not fully qualified to address an issue.
Because of these benefits, automation is taking off where it makes sense. Automated solutions are still an added cost, and they require time to implement and train employees how to use. When IT teams are already so inundated with work, there has to be a compelling reason to make the commitment to test out and make changes to operations and processes. The five tasks highlighted above represent areas where enterprises find the value great enough to warrant the investment.
Jim Souders, CEO, Adaptiva (opens in new tab)