New IT roles and responsibilities
If you work in the IT department of an organization (regardless of your position), try to ask yourself how much your responsibilities and tasks have changed in recent years. I’m pretty sure you’ll find you are doing, even in the same role, a lot more than before.
This is the result of “the imperative to generate more business value using innovative technologies and approaches to information”, to use Gartner’s words. “Each IT role faces specific challenges—from planning and supporting digital acceleration to integrating more strategically with the rest of the business”.
Digital acceleration and the proliferation of multi-cloud infrastructures and AI-enabled processes have transformed the scope of IT, bringing it closer to the business. Alongside the technology evolution, new roles have emerged, and existing ones have evolved into consulting engineers and “business-like” roles. IT-professionals are architects, data engineers, data scientists, DevOps engineers, and advisors creating and managing governance rules and an ecosystem of external providers and vendors.
The demand of enablement and empowerment
New and expanded IT roles require new strategies of enablement and empowerment. The more IT can autonomously access and leverage different tools and technologies, the more it will be effective in helping the business. The other side of this equation is also true. Enablement and empowerment strategies lead to expanded roles, where more users can exploit technologies and capabilities beyond their traditional range of expertise.
This is no surprise in the era of democratization of technology when the technology rapidly continues to become more accessible even outside of technical roles within an organization.
Enablement and empowerment principles are also encouraged by self-service culture, where users throughout the organization expect autonomous access and adoption of tools.
How Control-M’s evolution aligns to new technology trends
Control-M, a market leading platform for orchestrating data and application workflows from BMC, has evolved to support organizations embracing the principles of enablement, empowerment, and self-service.
Today, employees throughout the organization–including business users and data, cloud, and AppDev teams–can benefit from having access to application workflow orchestration. For example, data engineers leverage Control-M to integrate, automate, and orchestrate data pipelines, from ingestion to analytics, to produce reliable and accurate actionable insights. Application developers integrate Control-M using Jobs-as-Code in their CI/CD toolchains, to quickly deliver high-quality applications into production that also meet governance, risk, and compliance requirements.
With Control-M’s latest release, BMC has delivered key features to empower teams to do their work in an autonomous way. Role-based administration is one of these features, and it is complemented very well by the centralized connection profiles feature.
“… role-based administration and Automation API will provide more freedom for customers to manage their connection (e.g. bank users can update passwords without sharing it with our team)” – Johann Vermeulen, IT Operations Analyst, BMW South Africa.
Let’s assume your data engineering team wants to use Control-M to simplify the management of its data pipelines. Who is responsible for setting up the Control-M infrastructure that enables data engineers to define, schedule, and manage data pipelines? Traditionally, Control-M administrators were responsible for setting up and maintaining the Control-M environment and administering roles and users. But, that limited the speed with which data engineers could get their activities done, since it required back-and-forth tickets with the administrator.
Role-based administration now enables product teams to manage their own workflow orchestration environments with full autonomy, eliminating the need to submit ticket requests to the Control-M administrator. With this feature, product teams are empowered by the delegation of administrative privileges. So, in the above example, data engineers can autonomously perform all the administrative tasks that are prerequisites to orchestrating their data pipeline and can complete their business faster. Those tasks include:
- Deploying Control-M agents and application plug-ins–pre-requisites to integrating disparate data pipeline technologies across all servers
- Managing connection profiles and user definitions–pre-requisites to securely accessing and running data technologies and applications
Controlled access to your resources
Data engineers are likely not the only team accessing Control-M to make their jobs easier. Suppose the file transfer team has also been given full control and autonomy over their stack through role-based administration to orchestrate file transfers alongside related application workflows.
Each team needs autonomy to do their work but must have restricted or controlled access to their environment to prevent damage from other teams, and so they don’t damage other teams’ environments.
How can controlled access be implemented? The Control-M administrator can restrict access and control to the teams’ defined resources by using tags and authorization granularity.
For example, the file transfer team can be granted access only to agents starting with the string mft* through tags assigned to agents in their role authorization settings. On these agents, the team can be granted the permission to manage specific application plug-ins and not others. Also, the team can be granted access to connection profiles only if their name starts, for example, with connmft*. Finally, teams can be given different levels of authorization on their resources (browse/update/full).
With the appropriate settings, the file transfer team does not have access to the data engineering environment–and vice versa. When logging in to Control-M, any member of the file transfer team is subject to the access control specified via role-based administration and can only see or manage the resources that have been made available to them.
“As technology changes are constant, we continue to see that BMC Software is aligning Control-M to meet these fast-paced demands. We are excited to roll out more Application Integrator solutions and utilize role-based administration to empower our internal customers with more control over their batch workflows” – A Fortune 500 benefits company.
Centralized connection profiles
Prior to the latest Control-M release, connection profiles were bound to agents. Users had to create connection profiles to connect applications for each agent where the applications run. With the changes introduced with role-base administration, the need to decouple connection profiles from agents became evident.
With the centralized connection profiles, Control-M now allows users to have the same connection profile across all available agents.
Let’s consider the above scenario again. The file transfer team can now add another agent to the list of available agents by simply tagging it with the *mft tag. Thanks to centralized connection profiles, the team can immediately start running tasks on the new agent, using the connection profile already created for the existing plug-ins.
In its Top Strategic Technology trends 2021, Gartner writes: “As organizations accelerate digital business strategy to drive faster digital transformation, they need to be agile and make quick business decisions informed by currently available data… This will also include increasing autonomy and democratization across the organization, enabling parts of the business to quickly react instead of begin bogged down by inefficient processes”.
Democratization of technology inspires a culture of enablement, empowerment, and self- service. BMC is constantly evolving Control-M to support these new principles. It empowers teams (even non-technical ones) throughout the organization to benefit autonomously from application workflow orchestration.
Ready to learn more?
Click here to learn about the newest Control-M features.