Introducing the ETM Vision: Powering Autonomous IT

Across industries, we’re experiencing a wave of automation, from smart factories to self-driving cars. With so many industries moving to autonomous operations, the modern CIO should also think about moving IT to an autonomous, self-driving operation.

Why? Every CIO – especially now with a possible recession on the horizon – is being challenged to do more with less. For instance, how does the CIO fund disruptive innovation such as digital transformation of the business, while also paying to keep the lights on?

And as the CIO and IT drive and support the digital transformation of sales, marketing, product development, and supply chain to improve quality, while reducing cost, the Next CIO would do well to think about how to digitally transform IT itself to help improve quality and reduce costs of services delivered by the IT organization.

A big obstacle to achieving autonomous IT is the large number of IT processes that span siloed management tools and are still mostly performed manually. One CIO shared that her IT staff was responsible for more than 80 such processes.

Take the employee offboarding process as an example, which is very topical given the record number of employee terminations companies are facing. Employee offboarding can be described as separation-to-recovery with six distinct stages: Separate, Deprovision, Reassign, Recover, Reallocate and End-of-Life.

For most companies, this process is deployed through a patchwork of manual and error-prone workflows involving multiple teams and multiple handoffs navigating in and out of multiple point tools.

 

Figure 1: Employee offboarding is complicated with lots of opportunities for errors

For instance, as shown in Figure 1, offboarding an employee likely requires multiple people to complete a variety of tasks, such as:

  • Terminate the employee in an HR system and notify stakeholders of the change in employee status.
  • Deactivate single sign-on and identity solutions, lock corporate laptops, and revoke access to on-premises and SaaS applications.
  • Reassign ownership of documents, data and cloud resources.
  • Return application licenses to an entitlements pool.
  • Reimage employee-issued devices and return them to inventory.
  • Destroy the device if it’s near end of life.

 … just to name a few of the many likely tasks.

If an employee isn’t offboarded properly, the company is left at risk of ex-employee theft. In fact, according to one survey, 12% of all employees take sensitive intellectual property with them when they leave an organization. And in another survey, forty-two percent of organizations reported at least 5% instances of unauthorized access to SaaS and cloud resources after employee departure.

The “post-covid hangover” has only heightened the ex-employee security risk that all companies face. When the pandemic hit, businesses across the board scrambled to deploy tremendous amounts of technology in a hurry. But as well-meaning employees rallied in the heat of the moment to stand up new on-premises and cloud-based infrastructure in record time, many security safeguards were missed.

Yet as we’ve settled into the new normal of running a hybrid workforce, many companies haven’t gone back and figured out the precise details of what technology they have deployed, leaving crucial data hygiene and potential security exposures unaddressed.

For example, many businesses don’t have accurate data on which employees have access to sensitive data such as login credentials into cloud instances or CRM accounts, during a time when 88 percent of organizations are deploying apps and workloads on public clouds and on average mid to large enterprises rely on over 187 SaaS applications.

And unfortunately, the risk of cyberattacks by ex-employees is very real:

  • A former employee of Square downloaded customer reports containing 8.2M names and brokerage account details – certainly, a regulatory compliance violation.
  • A system admin at an American College changed a Google password, blocking email and shutting down communications across the school’s faculty, administration and students.
  • An Amazon ex-employee who was not offboarded properly and still maintained access to Amazon got into Capital One application files and sifted through a misconfigured web application firewall; this breach affected over a hundred million people in the US and Canada.
  • Memorial Healthcare Systems was fined $5.5 million because a former employee’s login credentials were used without notice for nearly a year, and protected information was accessed.

That all said, the fact that many of these processes are performed manually today also means there is great opportunity for the CIO and IT. If these processes can be made more efficient through automation and continuous optimization, then money can be saved from existing IT budgets, which could be reallocated to fund more strategic initiatives like digital transformation, while also making IT employees happier not having to spend their time doing boring, manual tasks.

In my Amazon bestselling book, the Next CIO, I discuss how CIOs can overcome these obstacles on the journey to realizing an autonomous IT operation.

To do this, CIOs and their staffs first need to assess the maturity of the processes that touch their broad technology landscape and span siloed point tools. I call these enterprise technology (or ET) processes. In this regard, the Next CIO proposes a 5-level IT process maturity framework to assess the level of maturity of IT’s numerous ET processes.

Then CIOs need a new category of application that enables them at a minimum to define – in software – the workflows that implement these ET processes, using a low- to no-code user interface so professional services are not required. When processes are described in large PDFs – which is common in most IT shops today – few can follow them precisely, creating among other things compliance risks. Workflows defined in software, on the other hand, can be automated and utilize data to continuously optimize themselves.

The software-defined workflows need to be built using a low- to no-code user interface, so no custom integrations or professional services are required.

This new category of application must also sit on top of the siloed tools, using connectors to consume and express the data from those tools that is required to inform the automated workflows, so no rip-and-replace of existing tools is required. This capability can also help ensure good and consistent data hygiene. After all, as the former CIO from Cisco shared with me, “automating with garbage data just makes the garbage go faster.”

I call this application Enterprise Technology Management (or ETM). The ETM vision is that CIOs will rely on software to observe, manage, and secure enterprise technology processes, autonomously.

And I’m excited to share that there is now at least one ETM application in the market: Oomnitza.

If you’re interested in learning more, I invite you to watch the next episode, where I click one level deeper to show the complexity of a typical employee offboarding process and how it is automated through an ETM application.

I also invite you to take a first step of assessing the maturity of a single IT process – such as employee offboarding – to understand what value you can achieve by automating this one process within your organization – knowing there are many other such manual processes – as you start your journey to running an autonomous IT operation.