The number of organizations deploying business and IT automation solutions has tripled over the past two years. This trend is being driven by the continued development of intelligent agents, or bots, that make it easier to run a range of repetitive processes without human intervention. It’s estimated that nearly two-thirds of all Internet traffic today is generated by software bots carrying out tasks such as customer service support, search engine optimization or payment processing.
Bots have become so adept at learning, mimicking and executing rules-based business processes that they have sparked the movement toward hyperautomation — the orchestration of multiple tools to rapidly identify and automate as many business and IT processes as possible. In fact, Garter Research Vice President Fabrizio Biscotti says hyperautomation has become a “condition of survival” for businesses in a digital-first world.
While hyperautomation can help organizations increase agility, optimize workflows and reduce costs, deploying mass numbers of AI-powered bots does heighten an organization’s risk of data leakage or theft. Bots often handle critical data and sometimes must migrate it across systems from one process to another. That creates the possibility of a malicious user gaining control of a bot and utilizing it to harvest network credentials and other sensitive information.
Preventing Identity Sprawl
In many cases, risk arises from a lack of identity and access management (IAM) policies and tools. Too many organizations fail to consider that the process of deploying hyperautomation will involve the creation of many new digital identities. In addition to individual identities for each new bot, organizations may also need to establish new credentials for project managers, engineers, team leaders and rank-and-file business users who will need to access those bots.
Without a robust IAM solution in place, unchecked growth in the number of credentials in use can lead to identity sprawl. That can lead to poor overall visibility and make it difficult to control who is accessing information and what they are doing with it. According to a recent Dimension Data study, 84 percent of IT professionals said the number of identities they manage has more than doubled in the last two years, and 95 percent said they are struggling to manage them.
IAM combines user provisioning, password management, strong authentication, single sign-on and other technologies to define and manage access privileges for both human and nonhuman identities. IAM policies must create limits on the information and other resources a bot can access when performing a task. They must also dictate who in the organization can access, modify or execute a bot.
In addition to assigning each bot unique authentication credentials, organizations should establish a zero-trust environment in which identities are always verified and access is limited to systems and resources needed for specific projects and tasks. To further limit risk, access privileges should never be written into a bot’s script where they could be potentially accessed and modified by an unauthorized user. Instead, use a privileged access management (PAM) solution to centrally store and manage those credentials.
The ability to automate countless routine, repetitive tasks throughout the organization makes hyperautomation one of the hottest trends in technology at the moment. Gartner analysts predict the hyperautomation software market will reach nearly $600 billion this year, allowing organizations to lower operational costs by 30 percent.
However, organizations must have effective security measures in place to realize the potential benefits. Contact us to learn more about how hyperautomation can benefit your organization, and the tools and practices that make it secure.