Security Market Segment LS
Monday, 23 March 2020 15:43

How digital workers (aka software robots) protect our identity

By Dan Ternes Blue Prism
Dan Ternes, CTO APAC Blue Prism Dan Ternes, CTO APAC Blue Prism

GUEST OPINION by Dan Ternes* : Rapid advancements towards digital transformation are putting significant pressure on traditional identity and access management (IAM) systems, generating huge amounts of data every day. As businesses continue to expand both physically and digitally, organisations are faced with an exponential increase in new user identities and an endless stream of access requests.

A multinational bank with 60,000 internal and contractor staff, for example, faced the dilemma of how to make IAM more efficient. Provisioning access for all of these employees to its 300 internal systems was no easy feat. In fact, it was a centralised, dedicated task fulfilled by a team of 50 individuals.

This dedicated team handled approximately 150,000 requests every year for employee access control into the right areas of buildings and into the right applications. Each request involved access to an average of eight applications and took four days to complete. Getting it wrong has significant consequences, particularly the threat of data loss or misuse.

A recent study by Forrester Research identified a direct correlation between data breaches and an organisation’s IAM maturity. While sophisticated IAM solutions are commonplace, they involve substantial manual labour and, more importantly, rely on the complete, consistent and error-free application of company policies by humans.

Assigning access rights to employees is one of the first key steps in security. But there’s got to be a more efficient way than the very labour intensive and repetitive way the bank, and many other organisations, are going about it, especially for something so time critical as onboarding new employees.

It’s a real problem that organisations face. The greater the number of people, the more exacerbated the problem. Not only does it impact access control, but privacy and cybersecurity are also fundamental concerns, particularly securing digital identities.

So how do you make IAM, and cybersecurity in general, more efficient?

Introducing digital workforces

The emergence of automation and digital workforces is a game changer, bringing new levels of efficiency to all aspects of business and industries. With the ability to automate time-consuming, mundane and repetitive tasks, robotic process automation (RPA) is increasingly playing an important role in improving the efficiency and effectiveness of IAM. In particular, minimising human involvement and reducing the number of errors that occur in that process.

If we go back to the bank example, a digital workforce was integrated into the company’s IAM process to cover the highest volume request types. Digital workers complete elements of those requests that are in-scope and returns any uncompleted elements to their human colleagues for manual fulfilment.

A large portion of the bank’s access requests are now automated, reducing the process from four days to a couple of hours. The number of reported errors decreased from 15 percent of requests to less than one percent, which is the most important element from a cybersecurity perspective given that errors create the potential for breaches.

This example illustrates the benefits of applying digital workers in cybersecurity situations.

Cultural and organisational challenges

Typical challenges with implementing a digital workforce in IAM are generally the same as those that impact most RPA implementations irrespective of use and technology solution. The primary challenges lie with organisational and cultural adoption problems arising from a fear of the unknown, obsolescence and job redundancies, as well as an unfamiliarity with the best practices of operating a hybrid, human/digital workforce.

A lack of understanding has led many to think technology is going to replace them, or at a minimum reduce the workforce. This couldn’t be further from the truth. Digital workers won’t replace humans with machines – it isn’t a plot to dismiss humans from the workplace altogether.

Instead, they free up human talent to focus on higher value and more rewarding activities that serve to differentiate the business. The role of digital workers is to augment and complement their human colleagues, “freeing the robot” inside of them in the process, and in turn, increasing their overall job satisfaction.

Preparing the workforce for change

The key to success is having a solid change management process in place and involving employees early on in the journey, so they clearly understand the impact and intention of the automation project. The reasons must be clearly communicated so they’re easily understood to engage the business and get everyone on board.

In many cases, automation will take a portion of people’s roles or daily activity away, so know from the beginning how you’re going to reallocate their time. Upskilling will be required if employees are now being asked to do something different that wasn’t part for their previous job.

Treat digital workers as securely as humans

Like with the human workforce, RPA has the potential to touch every enterprise application, as well as the critical data within it. This of course streamlines processes, but given a digital worker is attributed a number of privileges, it’s critical to ensure that data isn’t misused.

Organisations have come to understand that a digital workforce requires oversight, security and governance safeguards similar to their human counterparts. Strict controls must be in place to regulate how digital workers are configured and how any changes are managed and approved.

One thing is certain, by properly managing the unification of human and digital workforces from the very beginning, you’ll have a greater chance of success in improving your IAM workflows.

About the author

*Dan Ternes is chief technology officer, APAC for Blue Prism. He is a senior IT executive with 25 years’ experience in the enterprise software industry, architecting and evangelising innovative solutions across RPA, BPM.


As part of our Lead Machine Methodology we will help you get more leads, more customers and more business. Let us help you develop your digital marketing campaign

Digital Marketing is ideal in these tough times and it can replace face to face marketing with person to person marketing via the phone conference calls and webinars

Significant opportunity pipelines can be developed and continually topped up with the help of Digital Marketing so that deals can be made and deals can be closed

- Newsletter adverts in dynamic GIF slideshow formats

- News site adverts from small to large sizes also as dynamic GIF slideshow formats

- Guest Editorial - get your message out there and put your CEO in the spotlight

- Promotional News and Content - displayed on the homepage and all pages

- Leverage our proven event promotion methodology - The Lead Machine gets you leads

Contact Andrew our digital campaign designer on 0412 390 000 or via email



Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.




Recent Comments