Ensuring the compliance of your business is crucial to establishing a trusted relationship between a provider and their customers. Nowadays, every company has different policies that define how to comply with laws and business regulations. Maintaining and protecting data, remediating problems and timely reporting are essential actions in ensuring compliance regardless of the internal or external policies to which you need to adhere.
The HCL/IBM Workload Automation represents the software stack’s foundation layer in scenarios where data is managed, for example in ETL processing, so it must comply with the company’s policies.
In this article you’ll learn how HCL/IBM Workload Automation 9.5 ensures compliance by:
User accesses regulation
HCL/IBM Workload Automation can be configured to authenticate users through your company’s directory, typically LDAP or AD, and give access to the Dynamic Workload Console (the GUI) following a role-based authorization scheme.
A user or a group of users may be assigned to one or more of these roles and be able to perform the role’s specific actions:
Within the scope of allowed actions, a user can be limited to operate with a certain set of privileges over a set of objects, this workload security is based on the following principles:
Secure service provisioning
Using HCL/IBM Workload Automation you can provide to either internal or external customers orchestration capabilities as a service. In this case, it is very important to adopt a multitenancy model to govern different lines of business from a single central server infrastructure.
Security standards compliance
HCL/IBM Workload Automation is currently used by many Financial and Government institutions where compliance with security regulations is a high priority.
Auditing and tracking changes
All operations done from any interface are audited, and these actions can be stored in the database, in a file, or both.
The audited information includes; the action taken; the object changed; and the user who performed the change. It is recommended that the GUI interface be configured for Single Sign On (SSO) in order to properly track the user performing the operation.
It is also possible to enable the business justification feature. When the business justification is enabled and a change or action is performed, the user is requested to insert a reason, a description and a ticket number associated with the change. All of these parameters are configured by the administrator and can either be optional or mandatory to collect the information necessary to meet your audit requirements. These fields are inserted into the audit record and stored in the configured destination.
Secure code deployment
The job-as-a-code approach and DevOps processes require compliance with standards such as:
In HCL/IBM Workload Automation artifacts are versioned when created or modified. Through the Workload Designer page, it is possible to compare different versions of the same object and if necessary, restore an object to a previous version.
A big challenge in promoting workload from development/test environments to UAT or Production environments is ensuring that the workload is complete and consistent, with no anomalies. To accomplish this, HWA/IBM Workload Automation provides a standardized process of promotion across environments to meet this need. This process uses a feature called Workload Application Templates. A workload application template is a selection of job streams (applications) that are pulled into a package complete with all the artifact definitions and relationships required to make them work as an auto-consistent unit. Once defined, the workload application template can be exported as a zip file, this zip package constitutes the unit of code that can be stored in a SCM (source code management) tool. The import process is guided, and the interface allows you to create a mapping between the source objects and the destination objects where you can control any name changes, workstation assignments, variables and variable table remapping etc. Export and import operations can be done simply by using the GUI or it can be done programmatically using the CLI or by calling the RESTful APIs available to fully automate the promotion process even if it’s driven by an external DevOps product.
HCL/IBM Workload Automation meets and exceeds the most up to date security standards, regulations and internal business policies to make sure your business stays compliant.