Computacenter: it's time to change cyber security
Late in September, the front page of the Times newspaper proclaimed that “500m users hit by the biggest hack in history” (due to recently released findings from a 2014 attack). These no longer sensationalist, but instead factual headlines, may sadly continue with each one correctly announcing a breach bigger than the last.
It’s time to rethink information security because the rules of the game have fundamentally changed. As an IT industry with extremely competent security professionals the time has come for hard conversations, which discuss difficult problems that drive and deliver far reaching change. The legacy approach to design, implement and support information security platforms should not be fully jettisoned overnight but a failure to understand the efficacy of the whole solution to deliver “known, measured and maintained (or enhanced)” levels of security can no longer be accepted as valid or sound behaviour (I apologise if this is overly hard hitting).
There are numerous highly viable reasons why a multi-vendor security infrastructure and security software environment can deliver secure business / IT workload outcomes. But any environment with siloed platforms that do not inform or update each other via vendor proprietary, industry standard data exchange layers or leverage other platforms that correlate and represent actionable information may be as useful as no security layer at all. I am not advocating a single vendor security environment (although it can unlock a number of notable advantages) but I am leaning to a “greatly reduced” vendor environment as the complex web of devices pervasive across many enterprise IT estates, delivers a false sense of security can be the perfect landing zone for an attacker.
Add to that, the importance and non-negotiable educational requirement to formally enhance the knowledge of IT system and application users of the “responsibility and accountability” they personally hold to protect the digital assets they interact with daily. Almost without exception the major hacks and attacks originate from an inadvertently compromised user (tricked or bribed) with the end result a valid way in for an attacker to undertake the reconnaissance necessary to undertake the main attack. It’s time for all IT users to change their level of understanding and intimacy with IT security outcomes with the result a major step towards helping the wider enterprise security programme to operate effectively.
The Times newspaper headline displayed the passport picture and details of Michelle Obama – as we continue to discuss the growing importance of digital identity with a passport one indelible example of an identity deemed more important than most, a system attack that successfully obtained the personal details of one of the most highly protected individuals in the world highlights that no one is safe and everyone is a potential target.
IT security 2020 is required today and required now. It starts with an understanding of current IT and digital assets, gap analysis of posture aligned with compliance, platforms and systems that interact together, user education and greatly increased end to end visibility of the whole estate. I could go on as the steps required are many fold, but they are not steps we don’t already know or shouldn’t be undertaking today. No change is unacceptable, more of the same is unacceptable. Sadly, we can be sure that the next big breach will be bigger than the last but ideally no one wants to the star of the headline.
By Colin Williams, Chief Technologist (Networking, Communications & Security), at Computacenter
Automation of repetitive tasks leads to higher value work
Two-thirds of global office workers feel they are constantly doing the same tasks over and over again. That’s according to a new study (2021 Office Worker Survey) from automation software company UiPath.
Whether emailing, inputting data, or scheduling calls and meetings, the majority of those surveyed said they waste on average four and a half hours a week on time-consuming tasks that they think could be automated.
Not only is the undertaking of such repetitious and mundane tasks a waste of time for employees, and therefore for businesses, but it can also have a negative impact on employees’ motivation and productivity. And the research backs this up with more than half (58%) of those surveyed saying that undertaking such repetitive tasks doesn’t allow them to be as creative as they’d like to be.
“When repetitive, unrewarding tasks are handled by people, it takes time and this can cause delays and reduce both employee and customer satisfaction,” Gavin Mee, Managing Director of UiPath Northern Europe tells Business Chief. “Repetitive tasks can also be tedious, which often leads to stress and an increased likelihood to leave a job.”
And these tasks exist at all levels within an organisation, right up to executive level, where there are “small daily tasks that can be automated, such as scheduling, logging onto systems and creating reports”, adds Mee.
Automation can free employees to focus on higher value work
By automating some or all of these repetitive tasks, employees at whatever level of the organisation are freed up to focus on meaningful work that is creative, collaborative and strategic, something that will not only help them feel more engaged, but also benefit the organisation.
“Automation can free people to do more engaging, rewarding and higher value work,” says Mee, highlighting that 68% of global workers believe automation will make them more productive and 60% of executives agree that automation will enable people to focus on more strategic work. “Importantly, 57% of executives also say that automation increases employee engagement, all important factors to achieving business objectives.”
These aren’t the only benefits, however. One of the problems with employees doing some of these repetitive tasks manually is that “people are fallible and make mistakes”, says Mee, whereas automation boosts accuracy and reduces manual errors by 57%, according to Forrester Research. Compliance is also improved, according to 92% of global organisations.
Repetitive tasks that can be automated
Any repetitive process can be automated, Mee explains, from paying invoices to dealing with enquiries, or authorising documents and managing insurance claims. “The process will vary from business to business, but office workers have identified and created software robots to assist with thousands of common tasks they want automated.”
These include inputting data or creating data sets, a time-consuming task that 59% of those surveyed globally said was the task they would most like to automate, with scheduling of calls and meetings (57%) and sending template or reminder emails (60%) also top of the automation list. Far fewer believed, however, that tasks such as liaising with their team or customers could be automated, illustrating the higher value of such tasks.
“By employing software robots to undertake such tasks, they can be handled much more quickly,” adds Mee pointing to OTP Bank Romania, which during the pandemic used an automation to process requests to postpone bank loan instalments. “This reduced the processing time of a single request from 10 minutes to 20 seconds, allowing the bank to cope with a 125% increase in the number of calls received by call centre agents.”
Mee says: “Automation accelerates digital transformation, according to 63% of global executives. It also drives major cost savings and improves business metrics, and because software robots can ramp-up quickly to meet spikes in demand, it improves resilience.
Five business areas that can be automated
Mee outlines five business areas where automation can really make a difference.
- Contact centres Whether a customer seeks help online, in-store or with an agent, the entire customer service journey can be automated – from initial interaction to reaching a satisfying outcome
- Finance and accounting Automation enables firms to manage tasks such as invoice processing, ensuring accuracy and preventing mistakes
- Human resources Automations can be used across the HR team to manage things like payroll, assessing job candidates, and on-boarding
- IT IT teams are often swamped in daily activity like on-boarding or off-boarding employees. Deploying virtual machines, provisioning, configuring, and maintaining infrastructure. These tasks are ideal for automation
- Legal There are many important administrative tasks undertaken by legal teams that can be automated. Often, legal professionals are creating their own robots to help them manage this work. In legal and compliance processes, that means attorneys and paralegals can respond more quickly to increasing demands from clients and internal stakeholders. Robots don’t store data, and the data they use is encrypted in transit and at rest, which improves risk profiling and compliance.
“To embark on an automation journey, organisations need to create a Centre of Excellence in which technical expertise is fostered,” explains Mee. “This group of experts can begin automating processes quickly to show return on investment and gain buy-in. This effort leads to greater interest from within the organisation, which often kick-starts a strategic focus on embedding automation.”