Riding the Automation Paradigm Shift?

Posted 16.07.2015 in Automation, Security, Technology by Kim Halavakoski

I have been thinking about and experimenting with automation tools quite a bit for the last year, gradually envisioning the business value of infrastructure automation and subsequently trying to evangelize the use of automation to everybody both internally and externally.

Imagine if we could provision and deploy new servers and applications without significant effort. Imagine being able to provision not one or ten, but hundreds or thousands of applications with the same minimal effort. Imagine having the same configuration on all these servers and applications. Imagine managing twice as much infrastructure as you are today but with the same human resources. Imagine meeting your CEO business goals and time-to-market goals every time [s ]he comes up with a great new business idea. Imagine the look on your auditors face when you show him the audit trails(Git commits?) for each change in your infrastructure and a sample from the servers showing that the configuration is in compliance with your policies, standards and procedures. Imagine being able to code, configure, deploy and test each and every change you make to the infrastructure in order to ensure the quality and security of the change.

All this can be made possible by using and implementing automation in your infrastructure. Not just for the code you develop but also for the infrastructure that supports your code. The servers, loadbalancers, routers, switches, firewalls and insert-your-appliances-here that make your application work.

Sure, most sysadmins don’t have thousands of applications to manage so where is the gain for them? Why would they want to automate-all-the-things if they have 10 servers with 5 users that they have total control over the-old-way?

I think we are experiencing a paradigm shift in computing where the use of automation enables us to manage large quantities of computational devices to build smarter, better and more profound technical solutions than ever before. Indulge yourself in some wild ideas and think if something like Skynet, HAL9000, ELOPe and Daemon (yes, that’s totally meant to persuade you into reading those books :smile:) could be made possible? Where would that take us? Are we going to be part of making Ray Kurzweils Singularity a reality by advancing the use of automation and computing to the next-level?

Ok, so I might have gone off on a pretty extreme tangent there with AIs and Singularities(although I recommend reading Kurzweils book, it’s a fascinating read for the technically inclined!) but the fact is that automation is coming and will significantly change the IT landscape and we need to adapt and be part of that change in order to survive the increased business demands. Traditional sysadmins and the business will have to re-think the ways of working and adapt automation to be more effective and increase the sysadmin-to-server-ratio.

Finally a link to a blogpost I recently read about how IKEA does PCI-DSS compliance. It resonates quite well with my personal experiences at my day-work and with a presentation  I gave at PCI Amsterdam in November last year about Crosskeys “Road to PCI Compliance” where I talk about the things we have learned and done to become PCI compliant. Automation is an important part of that and a great example on how automation and configuration management can help compliance and security efforts like PCI-DSS. I can’t think that IKEA or anybody else could not have done it efficiently without automation tools and without significantly increasing the workforce.

So what are you sitting there reading this blog? Go automate something and be part of the paradigm shift!

Written by Kim Halavakoski

Kim is a hacker-minded, technology-geek that loves challenges. Having worked in the IT-industry for over a decade in ISP and large-scale financial networks configuring firewalls, networks, security technologies, log management/SIEM, automation, assessing risks and writing policies and governance processes.

Related articles

New Cybersecurity training from Deductive Labs in collaboration with Seably and Alandia

When it comes to dealing efficiently with the challenges presented by the global market, the maritime industry is increasingly dependent on technological innovation. This is why the maritime industry is…

We would like to order a piece of Cyber Security!

At this moment there are not many people in the maritime business that have not heard about the upcoming IMO regulation, Resolution MSC.428(98), regarding Maritime Cyber Security. Cyber Risk Management…

Maritime Cybersecurity and IMO regulations

Cybersecurity is currently hot-topic in the Maritime industry due to the upcoming enforcement of the IMO cybersecurity risk resolution from the beginning of 2021. The IMO resolution Resolution MSC.428(98) -…