ComplianceThe State of Michigan provides IT services to 18 state-level agencies and backs 300 online services used by its staff and over 10 million residents. Its mandate includes adherence to several policies like SOX, HIPAA and PCI that can affect security in different ways. After investing in automation, Michigan was able to minimize its non-compliance risk by automatically monitoring configuration changes and allowing system administrators the option to fix or restore the configuration before triggering out-of-compliance alerts. The State is now able to generate audit reports in 15 minutes, where previously this process took several staff members over an hour each to complete.
Industry and ManufacturingThe introduction of always-connected, always-on devices into industrial organizations has seen the threat of attack increase significantly. Indeed, these organizations used to be immune to many attacks due to their isolated and proprietary nature. The benefits of industrial Internet of Things, however, are tangible. Smarter, always-on systems can act as failsafe mechanisms and make split-second decisions to prevent accidents or other undesirable consequences caused by users or malicious activity.
Finance and AccountingAutomated analysis and verification of transactions and user rights can quickly detect and rollback fraudulent transfers.
Supplier and third-party integrationGiving access to your systems to suppliers and other third parties can be quite beneficial. However, both Target and Home Depot can attest to the risks. External facing portals should not be self-hosted or on shared, internal systems. Automatic evaluation of permissions and out-of-band two-factor authentication (2FA) can be used to great effect.
ConclusionManual approaches to systems management and security will become less and less effective as more and more systems become integrated. Each instance of integration increases the number of processes that must be policed and the data that must be protected. In response, automation will become the first and last resort to help keep businesses running while minimizing out-of-compliance and security threats. We’ll review some of those risks and the different ways organizations can mitigate against them in my next post.