The business imperative for enterprise IT automation

In a recent survey, Harvard Business Review found that 80% of respondents said, "[A]dopting IT automation is 'extremely or very important' to the future success of their organization."

But IT automation—the automation of everyday tasks that concern IT systems—may seem a long way down the “value chain” from generative AI, cloud and other much more headline-grabbing developments that promise to have a major impact on organizations, whatever sector they are in.

So why should you care?

Why is IT automation important?

I frame this in terms of how lowly infrastructure—whether in the public cloud, a private cloud or traditional on-prem—is the foundation for everything that sits on top, and so has an important bearing on how the value from those higher layers—applications, datalakes, AI models, etc.—actually perform.

Alongside the infrastructure itself, there are two other considerations that every organization needs to keep on top of:

1. Security and risk reduction at every level
2. Culture—in other words, ways of working, processes, and skillsI think security/risk is self-evident. Culture is important because even the best technology, used in an ineffective way, will not deliver the results expected, and could even be detrimental.

To distill things down to essentials, the characteristics of infrastructure that will have a positive impact on the layers above are speed (which can also be thought of as agility), and efficiency (which can be thought of as productivity or aligning costs to value for the business).

Four attributes for successful IT

So, in essence there are four attributes that an organization needs from the foundations for its IT:

1. speed,
2. efficiency,
3. risk reduction/mitigation, and
4. skills/ways of working. 

The good thing is, there is a virtuous circle where improving one will have a positive impact on the others.  For example, if you are able to act with greater speed and follow the right process, then you should be more productive; If you have the right skills and ways of working, then your processes should be more effective and you can act faster.

How can IT automation help?

So how does enterprise IT automation have a bearing on these four attributes?

Taking an enterprise approach to IT automation means following a strategy to take a unified, consistent approach, rather than each individual or team developing their own approach. The first benefit is to minimize the variety of tools and techniques needed to implement automation and therefore reduce cognitive load on teams while also making skills more transferable. Generative AI, trained on a domain-specific corpus of data, can also help lower the barrier to entry.

Standardizing the approach to automation also increases the opportunities for sharing and reuse, particularly with a tool that is modular, extensible and has lots of ready-built content available.

A consistent approach also means better metrics will be available and KPIs can be assessed more consistently, leading to better outcomes and ongoing improvements.

Sharing and reuse

Sharing and reuse leads to the ability to coordinate and orchestrate across multiple domains. This results in greater speed and agility because requests can be serviced end-to-end, reducing deployment times.  An example would be when provisioning a new virtual machine (VM), creating storage resources and networking configuration at the same time. Often, there are different teams responsible and coordinating even simple requests can take several days due to manual hand-offs. The result is that service levels and mean time-to-recovery (MTTR) improve.

A powerful IT automation tool can run tasks in parallel and based on scheduling, so that the time to complete multiple tasks is dramatically collapsed (compared to a manual one-by-one approach), and human intervention to run tasks during maintenance windows is reduced or eliminated. This is particularly helpful when automation needs to be scaled to reach thousands of assets, which is typical in cloud and edge scenarios.

Single point of control

Further, a unified approach provides a single “point of control”—one place where resource ownership can be tracked. Knowing who owns a resource and its use means it can be managed more effectively and usage can be adjusted for greater efficiency. We have worked with customers who are saving thousands of dollars per year by suspending resources that are not used during off-peak or non-working hours and deleting transient resources that haven’t been used for a period of time.

Another way that IT operations can be accelerated is to integrate automation with existing IT Service Management (i.e. Service Desk) processes. This means requests raised via service request tickets can be actioned automatically without human intervention. Event-driven integration can also be used to automate remediation of common problems as they occur, without requiring human intervention, while keeping incident data updated in a central location.

Automation-as-a-Service

In fact, an API-enabled “Automation-as-a-Service” approach supports multiple use cases, including DevOps continuous delivery (CD). This fits very nicely with taking a unified approach to infrastructure provisioning and configuration, based on definitions stored in a version control system (i.e. a “Git repo”). This is generally referred to as “Infrastructure-as-Code” (IaC), because the provisioning and configuration of infrastructure (servers, storage, networking) can be driven from definitions with a lifecycle managed in the same way as application code. This takes the sharing and reuse to the next level—now it’s not just the “how” but also the “what” that can be defined in a common way.

Building on this approach, it then becomes possible to apply a “software lifecycle” to automation, so that changes are staged through development and test environments with appropriate checks, before being promoted to production, in exactly the same way an application would be expected to go through quality gates prior to hitting real users.

Compliance-as-Code

This leads us to “Compliance-as-Code” where corporate standards can be enforced because all changes are made in the version-controlled source repository and then released through a quality control system. Manual interventions without appropriate controls are avoided, and any change can be quickly and reliably backed-out if it causes a problem at any stage. Systems can be maintained in a compliant state with the appropriate patches, hardening, configuration, etc., so that risks are mitigated at the same time as effort to maintain audit-readiness is reduced

Integration with secrets vaults means the automation platform can perform privileged activities on the managed assets with credentials retrieved on an as-needed basis, rather than holding them directly. Integration with privileged access management means that access to automation tasks with escalated privileges can be controlled based on the user’s role. Removing the need for human operators to request privileged access reduces exposure and speeds actions. In combination, these capabilities lead to enhanced security and enable a zero-rrust architecture—i.e. authentication at every step.

Taking this one step further, automation can be applied to the automation solution itself and used to rotate certificates and credentials, thereby reducing the potential for compromised secrets.

There’s one last piece required to have a robust solution that supports sharing and reuse of content: Having a “chain of custody” for automation content, so that automation tasks defined by one team (and ideally tested via a lifecycle, as discussed above) can be digitally signed, and the automation solution enforces the exclusive use of verified and signed content. This is particularly important when automation content can be sourced from outside the organization, such as modules developed by vendors to work with their products.

Wrap up

Hopefully this article has explained how enterprise IT automation, approached with consistency and the right integrations, has an impact on speed, efficiency, risk and skills, and  thus can help provide better outcomes for an organization.

All of this might sound daunting, but don’t despair, because each step builds towards the next. Successful organizations start with the end in mind and work towards their goal in a logical and incremental manner. Selecting the right enterprise IT automation strategy and technology will serve you well in the long term.

Learn more about Red Hat Ansible Automation Platform