Automation For The Better Good – Security
Automation gets a bad rep these days, what with public fear that robots will take over jobs (an invalid assumption – we will be working side by side with them).
However, if you asked the most diehard Luddites if they were ready willing to give up the following:
- Depositing a check using a mobile app
- Ordering products on Amazon to receive the next day
- Accepting a jury duty request online
…they would probably hesitate.
What these tasks have in common (in addition to relying on automation): a critical dependence on security. When you deposit that check, you trust that the image is encrypted. When you accept that jury duty request, you have faith that your PII (personally identifiable information) is being protected.
In a world where infrastructure-as-code scales quickly and massively scales, it is crucial to bake in security at every level of the stack. This means leveraging automation tools such as configuration management and application release automation, as well as applying Zero Trust principles all the way down to the bare metal.
In a new report, Joseph Blankenship and I dig into the particulars of this endeavor, as well as the organizational implications. In the end, you want I&O professionals to be policy enablers, not policy executors – automation helps get us there.