Understanding Automation: How To Do More Than You Have the Resources For

Hannah Young
Hannah Young
.
February 3, 2023
5 min
 read

While “automation” can sound like “layoffs” to many individuals, automation is at its best when it’s helping and enriching people’s jobs, not overtaking them. There are numerous technologies under the umbrella term “automation,” encompassing everything from the mechanical clock to the personal computer. In general, automation refers to the creation/application of technologies and systems that require little to no human intervention.

Comic where Man 1 asks Man 2 what he’s working on and Man 1 says “I’m building a robot to handle tasks I don’t enjoy. Speaking of which…” and in the final frame there is a robot that Man 2 created that says “Hello. I’d be happy to converse with you about trivial matters.”
Image by Brian Russell

When taking advantage of automation technologies, employees spend less time, effort, and resources on menial tasks and are free to spend that time employing their talents toward high-level, complex duties.

For instance, if you can automate permissions with an IAM solution like Crosswire, the time spent playing email tag with supervisors to get access could instead be spent refining that sales presentation or talking strategy with your team.

It’s crucial to make the most of what you have when you’re in a resource-constrained position, like the founder of a startup or the head of an under-budgeted department. You may not have the headcount or capital to just throw people or money at the problems you face, and automation is a great way to be clever about solving those problems.

This article covers five significant ways to improve your workflows and get more results than you would otherwise have the resources to.

1) Automate your agreements

Image of a Slack workflow where they have scheduled a reminder message for their employees to post a weekly review every Friday at 1 pm
Image by Slack

This doesn’t even always require code; it just requires you to spend some time automating actions that you’ve already agreed to take.

For example, you can use Slack reminders to ping a channel when they need to write project updates (as shown above) or auto-send emails when candidates get to certain stages in your applicant tracking system. Anywhere that you or someone on your team agrees to do “X” where “X” is an action that will be repeated many times, automate that agreement. You can think of SLAs that you might be responsible for and try to ensure that you’ll maintain them automatically — if you have a 24 hr SLA on bug triage, consider automatically pinging your on-call to triage each new bug that shows up.

2) Push, don’t pull

Where possible, push data to those who need to act on that data. If you rely on people pulling data in order to act on it, that requires discipline and introduces human error.

It’s not necessarily the case that your team member doesn’t want to pull that hiring report and put it into the all-hands, but it’s one of 20 tasks they have to do, and it can slip through the cracks. If you can configure software to send the data to whoever needs it, you can mentally offload the task of needing to check that software at some cadence. This reduction in mental burden is a huge plus in a busy world.

3) Have your SaaS work together

Image from Rippling of a “Trigger” that “Support Agent has >75 open Zendesk tickets” with an arrow pointing to the “Action” to “Send Slack alert to Assignee’s Manager”
Image by Rippling

Often, the apps you’re currently using have automation features that you’re not taking advantage of, especially cross-platform.

For example, take two programs you frequently use, like Okta and Amazon Web Services (AWS). You can automate the task of managing AWS entitlements with Okta Workflow’s “AWS IAM Identity Center Connector,” saving you time and making use of your infosec practices (Okta has a detailed post on how to set this up here). Similarly, Rippling has the feature “Workflow Automator” (shown above), a no-code tool allowing you to automate otherwise time-consuming actions like putting a new hire’s start date directly onto your Google Calendar or sending an automated email on the first of the month (Rippling has a detailed post on how to set this up here). All in all, your applications should not only work for and with you but with each other, and checking out cross-platform automation is a great start.

4) Streamline existing workflows

Image by xkcd

While fancy new widgets and workflows are exciting, often, the most productive way to automate your workplace is by making something you already do just a little bit more efficient.

Good candidates for streamlining include things that 1) take up a lot of time, 2) happen often, 3) are prone to human error, or 4) all of the above. If you can make a small Retool dashboard that will take a Google Sheet ID and automatically upload all your sales leads into Gem and Salesforce, you can save your SDRs time and errors from repetitive tasks. If you have a creative set of Zapier Zaps that allow your Calendly links to route candidates to the right job post and stage in your interview pipeline, you can cut out hours of error-checking and manual work for your recruiting team.

5) Automate with Crosswire

Crosswire’s logo on a gradiented white, blue, pink, orange background

While Crosswire as a company automates itself using some of the above methods, there are also ways to automate with Crosswire’s IAM system itself.

With Crosswire, you can automatically qualify people for sensitive access under certain conditions, enable them to self-certify their access, and then have the access automatically expire after a few hours. Take, for instance, when there’s an active PagerDuty incident. This can be automatically linked to the #active-incident channel so that whenever someone is added to that channel, Crosswire can automatically make that person eligible to pull Prod DB logs from AWS (the person can also request access and be automatically provisioned access). After a few hours, Crosswire can then make sure the access is deprovisioned while recording a trail of all the events.

All in all, automation can seem drastic or daunting, but when reframed as a tool to cut down on the tasks that squander your and your employee’s time, you can utilize it as the productivity improvement it is.

For further guidance on automating and securing your organization, reach out to us! You can stay up to date with / join Crosswire below.

More from our blog

Identity Governance Best Practices for Security Leaders

Explore essential identity governance best practices for security leaders, ensuring robust security frameworks and compliance adherence. Learn more today.

Johnny Wang
.
4 min
 read
UPDATE: Customer Impact in the Okta Salesforce Breach

An update on Crosswire and the September 2023 breach of Okta’s Salesforce instance.

Crosswire Security Team
.
1 min
 read
Breaking Down the October 2023 Okta Breach

A comprehensive timeline and breakdown of the October 2023 Okta Support Case Management System breach.

Hannah Young
.
7 min
 read
October 2023 Okta Compromise Guidance

In light of October 2023 Okta support compromise, Crosswire sent the following message to its customers.

Crosswire Security Team
.
5 min
 read
What is ITDR?

The term Identity Threat Detection and Response (ITDR) has gained significant popularity this year, but what is ITDR, actually?

Hannah Young
.
5 min
 read
CISOs on Identity Security Maturity in the Enterprise

CISOs Chris Castaldo and Tanner Randolph share insights on security maturity and identity in the enterprise.

Hannah Young
.
5 min
 read
Black Hat Guide for Conference Veterans

Whether this is your 1st or 21st time at Black Hat, these tips can help you weather a jam-packed and intense week.

Hannah Young
.
10 min
 read
You Should Feel ‘Positively’ About Your Security Tools: How We’re Mitigating False Positives in Identity Security

False positives are a huge problem in security: see what Crosswire is doing to prevent them and mitigate their effects.

Hannah Young
.
5 min
 read
Decoding the (Broken) Modern Identity Stack

We've made the modern identity stack entirely too convoluted and broken, but not for the reasons you think.

Hannah Young
.
10 min
 read
The Secret Third Step to Threat Detection and Response: Protection

How are you protecting your accounts before an incident can occur (or slowing an incident down before it really ramps up)?

Hannah Young
.
6 min
 read
How to Detect and Remediate Identity Threats; Solution 2: Remediate

This is Solution 2: Remediate of a two-part series on how to detect and remediate evolving identity threats.

Hannah Young
.
5 min
 read
How to Detect and Remediate Identity Threats; Solution 1: Detect

This is Solution 1: Detect of a two-part series on how to detect and remediate evolving identity threats.

Hannah Young
.
5 min
 read
AI D&R: AI (in Security) is Dead; Long Live AI (in Security)

Explore the historical use, modern approaches, and future applications of AI in detection and response (D&R).

Hannah Young
.
8 min
 read
Quick RSAC 2023 Recap: We’re Back (and Stronger Together)

From Armisen to AI/ML, catch up on what you missed from RSA Conference 2023 with Crosswire!

Hannah Young
.
4 min
 read
Defending Against Threats in Identity Security; Part 2: Remediate

This is Part 2: Remediate of a two-part series setting up emerging problems in identity security.

Hannah Young
.
6 min
 read
Why Now’s the Perfect Time to Join an Early-Stage Startup

If you’re looking for the right time to join a high-risk, high-reward venture, we’d argue that there’s never been a better opportunity.

Hannah Young
.
3 min
 read
It’s Not Just You: IT Security Audits are Stressful

IT security audits can be a pain for everyone involved: check out our solutions to make this auditing season just a little bit easier.

Hannah Young
.
5 min
 read
Why RBAC is obsolete

RBAC lacks sophistication and flexibility, failing to address the access needs of the modern company.

Hannah Young
.
3 min
 read
Defending Against Threats in Identity Security; Part 1: Detect

This is Part 1: Detect of a two-part series setting up emerging problems in identity security.

Hannah Young
.
5 min
 read
Identity Is a Co-owned Problem Between Security and IT

Who owns identity at your org? Identity is (and should be treated as) a co-owned problem between security and IT.

Hannah Young
.
5 min
 read
Your Okta Groups Should Be (Mostly) Empty

Yep, you heard that right; we at Crosswire believe that your Okta groups should be as empty as possible.

Hannah Young
.
2 min
 read
The Founding of Crosswire as Told by Its Values

Crosswire, and its co-founders Johnny and Nick, are building the future of enterprise identity in new and exciting ways.

Hannah Young
.
7 min
 read
RSA Conference™ 2023: Stronger Together

The theme for 2023’s RSA Conference™ is “Stronger Together.” When info security is more important than ever, so is collaboration.

Hannah Young
.
6 min
 read
6 Early Warning Signs of an Under-Resourced IT Organization

It’s no secret that your IT organization is crucial to your company. But are they getting all of the resources they need?

Hannah Young
.
5 min
 read
Cybersecurity Is More Critical Than Ever, and You (Yes, You) Can Do Something About It Now

Why cybersecurity is more crucial than ever and what you can do to make your organization more secure, no matter your role.

Hannah Young
.
7 min
 read
Google Workplace Organizational Units (OUs) according to Parks and Rec

What are Google Workplace Organizational Units, and how do they work (according to Parks and Rec)?

Hannah Young
.
5 min
 read
Practical Survival Guide to Okta Lifecycle Management

Crosswire’s technical usability guide to Okta Lifecycle Management (LCM), from onboarding to offboarding.

Hannah Young
.
6 min
 read
Authorization (AuthZ) and Authentication (AuthN): A Brief History

Authentication is who you are, and authorization is what you can do. Here, we dive into the history of these terms.

Hannah Young
.
5 min
 read