The word ‘innovation’ conjures up images of flashy or exciting changes in how a business operates. But as CTOs executing digital strategies know only too well, the biggest business gains often come from automating processes and tasks that happen behind the scenes. In this Q&A with Laurence Pawling, vice president of global operations at GlobalSign, we explore the drivers for automating bread-and-butter tasks – including management of digital certificates – before investing in more attention-grabbing technologies.
Can automating key processes create more time for tech teams to drive innovation elsewhere?
Absolutely. The biggest time-sink in any organisation is the day-to-day stuff – it’s in security, it’s in patching, it’s in management, etc.
Even though we live in this world of Terraform Cloud, there’s a certain amount of tech debt in making sure you’re continuing to manage everything. For example, an EC2 (AWS virtual server) still needs patching. Or a Lambda (serverless compute service for running code without having to provision or manage servers) still needs updating to the latest runtime version.
It’s unfortunately the bread-and-butter stuff that takes the most time. So the more you can automate that, the better. And the more time you then have elsewhere.
In the case of digital certificates, automation not only removes the need to renew them manually but provides you with more security too.
When you automate PKI certificate management, you don’t need to worry about certificates expiring
Could you tell us more about how CTOs can use automation to streamline management of digital certificates? For instance, what kind of time-savings and efficiencies does this unlock?
At the end of the day, anybody who’s using a private trust hierarchy can create a CA (Certificate Authority) and issue from it. It’s the management part that’s more difficult: making sure you’ve always got access to what’s revoked, what’s still active, what’s expiring, that you can query individual certificates for their status, etc.
All of these things have been built into our APIs, and we actually use our own products because it’s the easiest way of managing our certificates. We use our tool called AEG, for example, which is a certificate management and automation platform that plugs into your Active Directory and allows you to quickly renew and deploy certificates.
When you automate PKI certificate management, you don’t need to worry about certificates expiring. It also reduces human error, which can be incredibly expensive and disruptive. In fact, it’s one of the single biggest causes of outages and downtime. But once you automate, you don’t need to worry about somebody issuing the wrong certificate and it not working properly. You completely take that issue out of the equation.
So not only do you get time savings from automating the process – such as the issuance, renewal and revocation of digital certificates – you can also save time on the recovery side of things as well.
AI is all the rage, but can investment in less flashy solutions deliver deeper long-term benefits to the business?
A lot of the terribly unsexy stuff is where the real gains are. AI is everywhere at the moment. But you can’t just sign up to GitHub Copilot or Microsoft Copilot and suddenly improve your efficiency by 30%. It doesn’t work like that.
Like everybody else, we’re running the pilots, we’re exploring ideas on where we can increase efficiency using AI. But you need to find ways for it to pay for itself, because not everybody on the IT team is going to be able to – or has the time to – find ways to use it effectively.
So if 5% of the IT teams’ time is currently available for wishlist projects, rather than putting that time into AI, make sure you’ve got the basics sorted first. Because that is going to have a much bigger effect on efficiency than AI ever will.
What should CTOs keep in mind when assessing solutions that could help streamline key IT processes?
Automation is something that is constantly evolving – and I’m not always going in the same direction.
It can be very tempting for a head of department, in the same way as chasing AI hype, to go for the sexy solution. But you have to choose the solution that’s right for you.
However, there is very rarely, almost never, a perfect solution. So you’re probably going to be looking at two or three 80%-right solutions and deciding which one is the best fit for your needs.
As well as whether a solution meets your technical requirements, comes with the right support and fits your budget, you’ve also got to think about your staffing requirements too.
Any final advice for CTOs looking to automate routine tasks and processes?
It is very easy to over-engineer in the interests of automation. Engineers will, by definition, always go for the engineered solution because that’s how their minds work. That’s something that’s laudable and we celebrate it. But at the same time, you do spend a lot of time pulling them back and saying: ‘A solution that just does the job is fine!’
For more information, visit globalsign.com/en
