Data security is a top concern for modern businesses when choosing any new software. It’s critical to ensure your data will be kept safe and within compliance regulations when choosing vendors. Automate is a robotic process automation (RPA) solution that lets you automate your most repetitive tasks to make your life easier and more efficient without leaving you vulnerable.
Watch our on-demand webinar to see how Automate is built with security in mind. Automate doesn’t store any customer data and with robotic process automation, you can ensure there’s no human contact with private information. These and other features make Automate a safe solution that can help you maintain compliance with industry standards like HIPAA and GDPR.
Learn how Automate allows you to:
-Get more control over your workflows and limit user access and type of access with role-based security
-Keep a detailed audit history for compliance requirements and see if anything unusual is happening in your workflows
-Automate disaster recovery processes to prevent data loss
Watch Pat Cameron, Director of Automation, in our on-demand webinar to see for yourself how Automate allows you to have control over your data and processes.
6. Security breach
S E C U R I T Y A N D A U D I T I N G W I T H S K Y B O T S C H E D U L E R6
7. Limits access to systems/applications
Limits access to application passwords
Limits access to databases
Documents all tasks/workflows
Records all changes
Records exceptions
Records date and time of execution
Automation enhances security
8. Controls based on environments (test vs. production)
Controls based on application
Controls based on job description
Controls who has access to application passwords
Controls timing of workflow/task execution
Types of Control
9. 9
• Role-based security
• Access to specific agents
• Access to specific jobs
• Change, Execute, View, Exclude
• Base roles on department, division, location or customer
• Interface with Active Directory or LDAP server
Security options
S E C U R I T Y A N D A U D I T I N G W I T H S K Y B O T S C H E D U L E R
10. Automated Password Resets
Limit Access to Users
Limit tasks to view only or execute only
Limit access to specific tasks/workflows
All activities logged
Automated user on-boarding/off-
boarding
Use Case - Automated User Management
12. Production Control for all objects
Limited access to services accounts
Limited access to passwords
Limited access to SFTP systems
Export/Import objects to production
Use Case - Limited access to Production Systems
13. All actions tracked by date, time, user
Aggregate audit data for reporting
Report on system configuration changes
Active Directory User Audit Reports
Use Case –Auditing
15. All job steps documented
Graphical workflow view
Changes tracked immediately
No need for tracking on spreadsheets
Use Case - Self-documenting
16. System changes
Job errors, late starts, overruns
Audit reports of changes to any object
Exception Reports
17. 17
• Logs every database change
• Record changed
• Field changed
• Date and time of change
• User making the change
• Original and new value
• Server History
• Reports
• Audit History Report
• Job History Report
• Agent Event History Report
• Security Report
Audit records and reports
S E C U R I T Y A N D A U D I T I N G W I T H S K Y B O T S C H E D U L E R
20. Thank You for Attending!
Next steps:
Download FREE trial
Set up FREE automation consultation
Website:
http://www.helpsystems.com/automate
Telephone:
US Sales: 800-328-1000
Outside US: +44 (0) 870.120.3148
Support: 952-933-0609
Technical Experts:
richard.schoen@helpsystems.com
pat.cameron@helpsystems.com
Editor's Notes
As mentioned I am Richard Schoen, Director of Document Management Technologies at HelpSystems.
I am part of the technical solutions group bringing topics like this to our customers and prospective customers.
I have over 30 years of background with IBMi, Windows and Linux platform software development, system integration, managing and delivering forms and documents and helping customers with automation processes.
I also have a heavy development background using .Net, Java, RPG and other development languages.
My co-host today is Pat Cameron who is our director of automation technology.
Pat why don’t you say hello and tell us about what you do here at HelpSystems.
How many of you have failed an audit? Raise your hand – no one will know your name…
So you put good policies in place and have rules set up to meet all of the requirements of your auditors. The problem is documenting those policies and showing history of any exceptions. Unless you have a system in place that creates documentation as part of the automation tool, you will still find yourself spending all kinds of time and energy trying to gather together information needed when the auditors show up. It may only be once or twice a year, but who’s got time for that?
Several bits of information that our customers have said are required are:
Documentation of job failures – including date, time, reason – how and where do you keep that history
Documentation of job streams and dependencies – especially cross system dependencies – are these being updated in a spreadsheet?
Downtime
Job failures
Job delays
Missed service level agreements
What are some of the causes of unplanned downtime? You always hear people talk about downtime from disasters such as floods and fires, but my experience has shown that more often the cause is internal and not an entire system, but more like the following:
I did live through two systems that went casters up in the days before high availability solutions. December of one year and February of the next. It was a rough quarter. The systems were down for days, but our backup (more to the point, our restore) was successful. High availability environments make the likelihood of losing an entire system much less these days, but let’s look at a few other downtime problems.
A programming error for example. A user considers the system down if their application is not available and they can’t access the data they need for their job. The wrong version of a program getting put into production can cause downtime for a one business unit or several. Because our applications are so inter-dependent these days, that downtime could leak into other departments as well.
A delay in a job steam is also considered downtime to anyone with Service Level Agreements. If processes don’t complete on time and they, in turn, affect other production jobs, that is downtime. Failure to meet SLA’s are painful and can affect a company’s bottom line as well as your own.
If you have any examples of downtime that you’ve experienced – feel free to send a chat message to All Participants in the chat window on your right.
If you’ve ever had to rerun jobs because a dependency wasn’t available when the job ran, you know downtime. Scheduling jobs based on time and hoping that all of the prerequisites are finished is a scary way to run Information Services .
Delays can also be caused because no one is notified if an error occurs or if a job gets into a loop and runs for hours. If you need to log in to the systems at night or for month end to make sure that things are running ok, you know what downtime is.
Running jobs manually is also asking for problems. Because we are all so busy these days and stretched so thin, it is very possible that jobs will get run in the wrong order or run at the wrong time. We’re only human.
I know many operations areas that have checklists that they go through each shift checking off when jobs were run and initialing them or maintaining spreadsheets as run books. They’re great to show the auditors, but the reality is that you may not be able to check as often as required because of other duties and who has time to constantly be updating those spreadsheets.
No one likes a micro-manager and you don’t want to have to micro-manage your systems either.
Poor performance can also be considered downtime if it causes delays in your job streams and stretches out that nightly batch type processing into the morning business hours.
Interface with Active Directory
Role based security
Encrypted communications
Going along with the division of duties theme – is using cron or the windows task scheduler providing you with the security that you need regarding access to your production schedule?
How many users have administrator rights? Can you limit access to jobs running on specific servers or from an application such as payroll.
Do you have the flexibility to allow a Production Control area, for instance to be able to set up and change job schedules without having to give them administrator rights to those servers?
Can you limit the type of access to specific jobs such as execute, view only, or exclude?
Without the ability to limit the type of access, you certainly may be putting yourself in a position to have security breaches within your data center. If someone from accounting needs to run some reports as they need them, can you also limit his/her access to just that job?
These are the types of situations that can put you in danger of having someone breach your security policies.
What are the overall benefits of automation to your security policies?
(Review Polling Results)
Thanks for attending our webinar today.