Deloitte’s Banking and Capital Markets Outlook 2020 urged financial services industry (FSI) organizations to support their digital transformation strategies by building tight governance structures, with strong cybersecurity. Deloitte also highlighted the requirement to focus on the human aspect of technological change: creating a collaborative culture which supports service innovation.
FSIs spend a lot of time responding to auditors. Compliance with regulatory mandates often dictates processes. However, variance in processes can increase tension between developers working to improve the organization’s agility; teams responsible for maintaining operations; and security and compliance teams.
Without a clear joint process, each of the teams may develop their own. Inconsistent IT configurations, patching and testing can make management and reporting difficult. A lack of shared processes can also allow technical debt to build, which inhibits change and introduces risk.
In addition to managing digital transformation, IT systems are upgraded regularly, entailing an intense period where the IT team focuses on configuration and testing every piece of technology. While this work is critically important, and because the risk exposure is significant if each component is not updated and tested, it is also stressful and can be tedious.
The challenge is further increased because many financial organizations are operating across a range of different environments, like Windows, Linux, public and private clouds, virtualized and container environments, increasing the complexity of their IT footprint.
To manage these efforts, Red Hat Ansible Automation Platform, delivers automated systems and application patch management, configuration management, and change management across distributed IT environments, with enterprise level analytics. Compatibility with the National Institute of Standards and Technology-certified OpenSCAP allows automation of regulatory compliance processes across distributed systems and within containers.
All processes should be designed with security in mind, rather than as an after-thought or separate activity.
Red Hat Ansible Automation Platform reduces the barriers for everyone in the organization to support improved security and compliance, bringing it to the forefront and by allowing people to communicate and work together towards a common goal and language, with a shared process.
A large multinational bank headquartered in the United States achieved this by uniting teams and allowing them to use Red Hat Ansible Automation Platform to create a common service registry, where developers could access Ansible Automation Playbooks that their colleagues had already written to solve the same problem. The bank has more than 500 people creating automation content with more than 5,000 technologists using that content globally.
Another tier one international bank used the platform to address conflict management in change management and configuration management processes. The bank created an Ansible community involving around 200 employees, including its distributed compute team and Big Data team, which operates around 2,000 servers.
A third international financial services firm has set up an online internal chat room community of 800 Ansible users, who share automation solutions and best practices that they have developed for the bank’s custom tooling.
Automation builds confidence, and trust
One of the principal goals of a successful automation implementation is that it will minimize manual input, which formerly created the possibility to introduce variation and errors. The standardization of processes that it inherently enables boosts confidence in accuracy, repeatability, and degree of quality control, while promoting a high degree of efficiency.
In the instance where thousands of servers need to be patched within a short timeframe to keep uptime standards and minimal disruptions or losses of functionality, an automated approach is required. Since manual efforts are unlikely to achieve the mandated goal in the desired timeframe, the most direct way to scale while meeting the security and compliance challenges is to automate the process.
Achieving Visibility and Control
Red Hat Ansible Automation Platform allows organizations to democratize IT and allows standardized processes to be completed faster, more broadly, and with a clear audit trail, retaining evidence that the FSI organization has carried out what it is required under local and international legislation.
A single control pane illustrates that security processes have been performed — at the right time by the proper personnel. The demonstration of governance helps wider organizational transparency by allowing compliance teams to easily identify variances and omissions so these issues can be addressed.
The platform provides clear visibility into usage by specific staff members and what detailed actions are being performed. An auditor can check what has been done using the human-readable Ansible playbooks and its logging capabilities, which are designed to be utilized by workers without a formal programming language background.
There are capital and human costs when performing security and compliance tasks manually, including the added risks of variation, errors and rework, loss of trust, and technical debt.
Successful deployments of automation reduce the extent to which staff is overwhelmed by managing routine tasks. In conjunction with implementing Red Hat Ansible Automation Platform, mundane patching tasks can be automated, giving developers time back to focus on more business-critical tasks and learning new skillsets.
As banks compete to attract and retain digital talent, automation reduces time spent on repetitive, but critical, security tasks, while helping staff carry out repetitive tasks to the same, or higher levels of accuracy and quality, with a high degree of auditability. Organizations can use automation to help reduce tedium and promote retention of talented staff.
To learn more, explore our whitepaper "Automated Security and Compliance for Financial Services."
About the authors
Richard Henshall is Senior Manager of Ansible Product Management at Red Hat and responsible for the Ansible Automation Platform strategy. With more than 16 years of experience in Financial Services IT across a range or operational, design and Architecture roles. As well as being an Ansible customer before joining the Red Hat team, he brings a customer focused viewpoint to compliment the strong engineering capabilities of one of the most popular open source projects.