When It Comes To Device And Website Security, Automation Is More Important Than Ever – Forbes

CEO ofSectigo, driving innovation in digital identity and cybersecurity for today's enterprises, including automation, IoT and DevOps.

Getty

The world faces an unprecedented global health crisis. As governments race to protect the health and well-being of their citizens, businesses must find innovative ways to serve clients and customers. Although countless employees in a wide range of industries have been asked to work remotely to prevent further spread of the new coronavirus, these businesses must continue producing. For many, this represents a unique opportunity to improve and modernize their practices.

Much-needed changes that organizations have been meaning to get to will now become paramount. Manual management of an environment by group participation works when the group is together in a common area, but when the group is dispersed, the tasks become exponentially riskier and more challenging. That means the need for automation is now. Businesses that embrace automation will realize its full benefits, while laggards will suffer from risk and inefficiency in our increasingly complex business world.

Automation has become essential to countless business processes, from manufacturing to fielding customer service calls. But many areas of business are still ripe for automation, particularly in IT. In the new work-from-home reality, IT departments must enable secure remote access for dispersed workforces. Automating important website security processes enables IT personnel to focus on other business-critical tasks while preventing costly lapses in protection. Automation solutions are usable by employees with limited technical skills. Manual processes, in contrast, often are built by experts who provide little by way of documentation or training materials. Should these experts become nonessential, the business would suddenly be at great risk.

Workforce Disruptions Can Generate Security Lapses

Digital certificates are a critical aspect of website and device security, and we have already seen an earlier example of how a workforce disruption can affect them. The U.S. federal government shutdown of 2018-19 furloughed hundreds of thousands of government employees, including IT personnel who were unable to conduct routine operations such as issuing and renewing expiring certificates. As a result, many government services and websites went offline during the 35-day shutdown, including more than130 online services and applications in a single week. Affected websites ranged from the U.S. Court of Appeals to NASAs rocket testing website.

Manual certificate maintenance requires careful management. For instance, browsers will only trust a website certificate for a certain term length (at present two years, but soon dropping to one). That means more certificates will require renewal, or browsers will no longer trust the site. If IT departments are unable to track upcoming certificate expirations for timely renewal, they risk their sites being flagged as untrustworthy and critical systems going offline. In fact, many high-visibility service outages for major digital systems stem from certificate management errors. December 2018sday-long service outagefor 32 million O2 customers is a perfect example.

Todays global workforce disruption dwarfs the 2018 government shutdown in scale and longevity. The biggest shake-up so far stems from shutting down office locations in favor of employees homes, introducing a new set of needs and risks and catching many IT departments off guard. As time goes on, this new norm will take a further toll on businesses as workforces struggle with adversity in many forms:

These factors combine to place extreme risk on any human-intensive process in the enterprise, especially one as intolerant of delay or error as certificate renewal.

Automation can eliminate expiration-based outages, cut mistakes and free up IT professionals time for other projects. It does not require in-depth institutional knowledge, and administrators can easily configure and operate automated systems.

Getting Started With Certificate Automation

Thinking of embarking on a certificate automation project? You may already have started. Microsoft CA is Microsofts built-in certificate management system, and it enables automatic management of certificates within Windows environments. For those using Windows in any capacity, it is a valuable first step into automation. Of course, few organizations operate exclusively in Windows, which means Microsoft CA is best used in conjunction with other services capable of managing certificates for all operating systems and use cases.

When adding a new system, it is wise to conduct an inventory of existing certificates. An automated certificate discovery tool can do this for you. In addition to identifying production certificates before they expire and create a crisis, you also can ensure all certificates are following mandated security practices and meeting appropriate compliance requirements.

Make sure you find a solution that provides interoperability with your critical systems those you use today and those youre likely to expand to in the future. To ensure interoperability, look for these capabilities:

Adjusting To The Present Is Also Planning For The Future

With IT teams still working to adjust to the new normal, they are discovering that now is the perfect time to automate essential business practices. Many organizations expect newly automated processes and more flexible work-from-home policies to remain in placewell after the current crisis, so ensuring that they are prepared to face the IT and security challenges that go along with our new reality anywhere, anytime is of paramount importance.

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?

The rest is here:
When It Comes To Device And Website Security, Automation Is More Important Than Ever - Forbes

Related Post

Recommendation and review posted by Alexandra Lee Anderson

Both comments and pings are currently closed.

Comments are closed.