Why security administrators became a speed-bump on BT Financial Group's road to automation

Automating common IT tasks created nasty security issues at BT Financial Group.

Westpac's wealth management arm BT Financial Group (BT FG) has reaped major benefits through an automation project for registering new staff, but the plan nearly suffered a major derailment after the organisation's security group failed to disclose some of its key information.

"We were three weeks from going into production on the new starter project when we uncovered that our security administration team had Active Directory groups which required additional approvals," Craig Wiseman, manger of environment and asset management for BT Financial Group, said during a presentation at Gartner's Infrastructure, Operations and Data Centre conference in Sydney last week.

"We'd never heard of this in the two or three months we'd been automating the process, and when we asked them where they stored these groups, they said it was in their heads. Irrespective of hours of conversations with the security admin team, they never thought to tell us that this was something they needed to automate."

Wiseman said the experience taught BT FG a valuable lesson: "Don't underestimate the hidden complexities in those processes."

Automation was deemed essential to ensure that IT resources weren't entirely consumed by maintenance tasks. Of a team of 150 infrastructure staff, 100 were routinely involved in maintenance, Wiseman said. "We needed to become more efficient in IT. Having a skilled engineer repeatedly performing minor activities over three or four days is not the best use of their knowledge."

The automation project was designed to handle the "new starter" process for fresh hires. With up to 46 individual steps, this had historically consumed a large proportion of IT resources.

In parallel, the company also wanted to automate processes associated with creating test environments for its ‘wrap account platforms’, which are refreshed up to a dozen times each year. "Depending on project demand, this was becoming a bottleneck in terms of delivering enhanced features for our product," Wiseman said.

An additional challenge was the wide range of platforms in use across the organisation. "Even though we try to standardise on technology, we have a mixture of Windows, Unix and VMS."

BT FG delivered a proof of concept project showing how both processes could be automated, and then assigned two staff to develop a fully realised project. Completing that development phase took five months, but would have been impossible without dedicated resources, Wiseman said.

"To maximise the benefit, it's vital that you dedicate resources," Wiseman said. "This cannot be an aside to somebody's main role or something they do part-time."

As the unexpected late discussion with security demonstrated, cultural issues can often be as big a problem as the merely technical. "One of the biggest challenges we've had to overcome is selling process automation to the end users," Wiseman said. Many fear that they'll either lose their job or (at the other end of the spectrum) that they'll be assigned additional responsibilities.

Despite the headaches, the project has delivered measurable benefits. The time to refresh wrap platforms has dropped from 1000 minutes to 10 minutes, and the new starter process has shrunk from to 10 seconds. "We've been getting through 50 users in the time it used to take to do one," Wiseman said.

Other processes have also benefited. A synchronisation of the address books used at Westpac and its subsidiary St George used to take 3 hours, and could only be run by one staff member.

"If he was off sick, that task didn't run," Wiseman said. Post-automation, the process now takes two minutes, and can be run more frequently if necessary.

Those time savings also provide the basis for the ROI calculations BT FG used to justify the investment, which compare the automation cost to the previous execution time multiplied by the standard divisional charge-out rate.

"That's not a complex ROI calculation, but it's absolutely adequate for what we need. It actually provides the data that we need at this point in time." BT FG is poised to save $80,000 a year through the system.

"Now the numbers stand up for themselves," Wiseman said. "Our belief is that IT process automation is absolutely vital in achieving the goals of our business."


