WORKLOAD AUTOMATION COMMUNITY
  • Home
  • Blogs
  • Forum
  • Resources
  • Events
    • IWA 9.5 Roadshows
  • About
  • Contact
  • What's new

Compliance? We’ve got you covered!

3/3/2020

0 Comments

 
Picture
Ensuring the compliance of your business is crucial to establishing a trusted relationship between a provider and their customers. Nowadays, every company has different policies that define how to comply with laws and business regulations. Maintaining and protecting data, remediating problems and timely reporting are essential actions in ensuring compliance regardless of the internal or external policies to which you need to adhere.
The HCL/IBM Workload Automation represents the software stack’s foundation layer in scenarios where data is managed, for example in ETL processing, so it must comply with the company’s policies.

In this article you’ll learn how HCL/IBM Workload Automation 9.5 ensures compliance by:
  1. Regulating user access
  2. Providing secure services
  3. Complying with security standards
  4. Securely tracking changes
  5. Managing secure code deployment
 
 User accesses regulation
 
HCL/IBM Workload Automation can be configured to authenticate users through your company’s directory, typically LDAP or AD, and give access to the Dynamic Workload Console (the GUI) following a role-based authorization scheme.

A user or a group of users may be assigned to one or more of these roles and be able to perform the role’s specific actions:
  1. Administrator - Has all access available, including system & security configuration
  2. Developer - Can design workload objects but has no access to administration functions
  3. Operator - Is able to monitor and manage planned workload including ad hoc job submission
  4. Analyst - Creates and runs report tasks only
 
Within the scope of allowed actions, a user can be limited to operate with a certain set of privileges over a set of objects, this workload security is based on the following principles:
  1. Role – a profile made up of a combination of privileges
  2. Security domain – a set of data identified by a naming convention
  3. Workload folder – a set of data partitioned by the category (virtual location) where they are saved
  4. ACL – the assignment of a role on a security domain, a folder to a user or group of users.
 
 Secure service provisioning
 
Using HCL/IBM Workload Automation you can provide to either internal or external customers orchestration capabilities as a service. In this case, it is very important to adopt a multitenancy model to govern different lines of business from a single central server infrastructure.
  • The security model described above ensures that each LoB is segregated and isolated from one another.
  • Installing agents as gateways ensures that the network is segmented into different network zones (at least one per LoB is recommended).
  • Assuming that each LoB is assigned to a workload folder space, it is possible to delegate the security administration of a folder and its sub-folders to a LoB administrator. This simplifies LoB administration and provides administration redundancy. 
 
Security standards compliance
 
HCL/IBM Workload Automation is currently used by many Financial and Government institutions where compliance with security regulations is a high priority.
  • All network communications are encrypted with TLSv1.2
  • Default certificates can be hardened even using an external Certification Authority
  • All operations can be audited (this topic is discussed in the next section)
  • HCL/IBM Workload Automation is GDPR enabled and all sensitive data can be vaulted in a local encrypted file and resolved at runtime when a job requires them, and no sensitive information is sent across the network
  • HCL/IBM Workload Automation has been certified internally by customers for the PCI DSS standard for credit card management
  • HCL/IBM Workload Automation is FIPS and FISMA compliant
  • HCL/IBM Workload Automation is highly available by design, and no OS or HW configuration is required to set up high-availability or disaster recovery
  • Vulnerability scans are performed before releasing a new version, and no high severity exposures (OWASP definitions) are present when a version is released.
 
Auditing and tracking changes
 
All operations done from any interface are audited, and these actions can be stored in the database, in a file, or both.
The audited information includes; the action taken; the object changed; and the user who performed the change. It is recommended that the GUI interface be configured for Single Sign On (SSO) in order to properly track the user performing the operation.
 
It is also possible to enable the business justification feature. When the business justification is enabled and a change or action is performed, the user is requested to insert a reason, a description and a ticket number associated with the change. All of these parameters are configured by the administrator and can either be optional or mandatory to collect the information necessary to meet your audit requirements. These fields are inserted into the audit record and stored in the configured destination. 
 
Secure code deployment
 
The job-as-a-code approach and DevOps processes require compliance with standards such as:
  • Version control and change management
  • Artifact controlled promotion
 
In HCL/IBM Workload Automation artifacts are versioned when created or modified. Through the Workload Designer page, it is possible to compare different versions of the same object and if necessary, restore an object to a previous version.
 
A big challenge in promoting workload from development/test environments to UAT or Production environments is ensuring that the workload is complete and consistent, with no anomalies. To accomplish this, HWA/IBM Workload Automation provides a standardized process of promotion across environments to meet this need. This process uses a feature called Workload Application Templates. A workload application template is a selection of job streams (applications) that are pulled into a package complete with all the artifact definitions and relationships required to make them work as an auto-consistent unit. Once defined, the workload application template can be exported as a zip file, this zip package constitutes the unit of code that can be stored in a SCM (source code management) tool. The import process is guided, and the interface allows you to create a mapping between the source objects and the destination objects where you can control any name changes, workstation assignments, variables and variable table remapping etc. Export and import operations can be done simply by using the GUI or it can be done programmatically using the CLI or by calling the RESTful APIs available to fully automate the promotion process even if it’s driven by an external DevOps product.
 
 
In conclusion.
​
HCL/IBM Workload Automation meets and exceeds the most up to date security standards, regulations and internal business policies to make sure your business stays compliant.

Picture

PHILLIP GAYLE

North American Sales Director for HCL Workload Automation. Phillip has over 10+ valuable experience in Sales, IT Operations, Security & Privacy, and Marketing. Phillip has worked with both Global and Local companies from various industries across all of North America.

View my profile on LinkedIn
Picture

RICCARDO PIZZUTILO

Technical Sales Specialist in the Workload Automation team. He first worked as a Test Engineer and later moved to Technical Sales for HCL Workload Automation. He has a degree in Telecommunication Engineering and loves interacting with customers, traveling and baking cakes. As a Technical Sales and Solution Architect he helps customers find the right workload automation solution for their needs. He is currently based in HCL Software laboratory in Rome.

View my profile on LinkedIn
Picture

BRUCE WHITEHEAD

Bruce has 23+ years of Workload Automation experience. He started working in the Workload Automation arena at Best Buy, a leading US electronics retailer. After 12 years there he spent 10 years at United Health (Optum) and helped them deploy one of the largest workload automation environments in the world. Currently he is a Tech Sales Specialist and Architect working for HCL Software.

View my profile on LinkedIn
0 Comments

Your comment will be posted after it is approved.


Leave a Reply.

    Archives

    March 2023
    February 2023
    January 2023
    December 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    January 2020
    December 2019
    November 2019
    October 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017

    Categories

    All
    Analytics
    Azure
    Business Applications
    Cloud
    Data Storage
    DevOps
    Monitoring & Reporting

    RSS Feed

www.hcltechsw.com
About HCL Software 
HCL Software is a division of HCL Technologies (HCL) that operates its primary software business. It develops, markets, sells, and supports over 20 product families in the areas of DevSecOps, Automation, Digital Solutions, Data Management, Marketing and Commerce, and Mainframes. HCL Software has offices and labs around the world to serve thousands of customers. Its mission is to drive ultimate customer success with their IT investments through relentless innovation of its products. For more information, To know more  please visit www.hcltechsw.com.  Copyright © 2019 HCL Technologies Limited
  • Home
  • Blogs
  • Forum
  • Resources
  • Events
    • IWA 9.5 Roadshows
  • About
  • Contact
  • What's new