Anticipating Secure Authorization Needs of Intelligent Automation


Amid today’s swirl of artificial intelligence innovation, organizations are ramping up their adoption of intelligent automation to realize the full benefits of a technology-supported workforce. Ken Ross senior director of product management of Automation Anywhere notes why these leaps prerequire secure authorization tools and protocols.

While generative AI, for example, can help employees ideate, intelligent automation is needed to execute those ideas without adding to their to-do lists. According to a surveyOpens a new window we conducted last year, ninety-five percent of business, technology, and automation professionals consider intelligent automation a key component of their transformation strategies.

Intelligent automation enables companies to establish a connected ecosystem of applications, tools, and data, replete with digital workers that augment human colleagues by handling their most repetitive tasks. By intelligently automating business processes and systems, companies can simplify operations while freeing employees to perform higher-value, more strategic, and more creative work. This, in turn, improves productivity, employee experience, and customer engagement. 

Overcoming the Challenges of Existing IT Security

Many encounter an obstacle that slows down implementation: their existing IT security strategies. 

This is not because intelligent automation is insecure. Since these technologies do not respond to phishing emails, do not write down passwords on sticky notes, and log all activities for auditing, they are likely to complete tasks more securely than their human counterparts. But existing IT security strategies weren’t built with automation in mind, which can pose challenges if the security team isn’t brought into the initiative at the right time.

For instance, a friction point that companies may experience in deploying intelligent automation is that their security strategies do not account for the security credentials needed to complete tasks. Without these, the intelligent automation platform cannot log in and access, extract, or update data in a company’s applications—making it impossible for its digital workers to perform their tasks and potentially halting the initiative altogether. Also, while security strategies are increasingly covering automation, it can take time to ensure that everyone understands the data flows and signs off.

Therefore, it’s critical that automation initiative leaders collaborate with their company’s IT security teams, beginning at the very start of the initiative, to ensure full functionality and security throughout the intelligent automation ecosystem. IT security team involvement should continue through the process, including regular, frequent, and proactive touch bases for planning and troubleshooting.

See More: How Intelligent Automation and AI Address Key Problems Facing the SOC

Leveraging the Capabilities of Intelligent Automation Platforms

From a more tactical standpoint, intelligent automation platforms have several native and integrated security capabilities that an organization’s IT security team can help to leverage. These include:

  • Logical access controls: Logical access controls restrict who or what can access specific computing resources, including applications and servers. Using authorization and authentication measures, such as those outlined below, logical access controls can be set to help ensure that only the intelligent automation platform can access company data and resources when needed.
  • Secure APIs with OAuth-based authorization: OAuth is an open standard that can authorize secure API access with tokens rather than credentials. Consider the example shared above – with OAuth, the intelligent automation platform acts as a resource owner, initiating access using the company’s applications to data stored via the secure API. OAuth enables the use of tokens to authorize access so that digital workers can complete their tasks without a username and password.
  • Credential vaults: Information security teams often require the use of the organization’s chosen credential vault. Credential vault integrations offer an effective way to manage, protect, and use them, with native capabilities as well as the ability to integrate third-party products. When an intelligent automation platform is granted access to a particular credential, the vault auto-populates the password into the associated application. Since the login happens on the backend, credential vaults can not only be used to support the automation of tasks, but also ensure that passwords are managed securely.
  • Password rotations: One benefit of credential vaults is that they can help automate the process of password rotations or the security best practice of changing password credentials with each login. 

The Three As – Authentication, Authorization, Automation

Additional security best practices for intelligent automation and digital workers include leveraging cloud services with strong certifications in place, such as ISO 27001 and HITRUST, in addition to SOC 2. Also, integrate with identity providers for unified access controls with granular permission levels and proactively monitor audit logs to identify anomalous behaviors and track changes made to the platform. 

By partnering with IT security teams early to establish standard methods of authentication and authorization, automation initiative leaders can accelerate intelligent automation deployment at their company and more quickly realize its benefits. The measures and best practices above are a great place to start.

What best practices are you employing to manage the evolved security requirements of intelligent automation? Share with us on FacebookOpens a new window , TwitterOpens a new window , and LinkedInOpens a new window . We’d love to hear from you!

Image Source: Shutterstock