Over the years automation has been recognized as a word synonymous with efficiency and cost-savings. Why wouldn't an organization want to automate more of their business processes and remove costly and often error-prone manual steps? The answer traditionally is that a certain scale is needed by an organization, an inflection point, in order to justify the upfront work to realize the longer-term efficiencies. Also, we've all worked at companies where team members become accustomed and even get very good at doing things the way they are used to. As an organization grows and the pain is felt across enough team members the push for improved tools and automation is then made.
In a traditional enterprise environment it was the norm in the past and may even be acceptable today. For cloud service providers, automation is a must-have on day one if there is going to be any chance of scaling the business. Even a single manual step required by an employee of the cloud service provider takes away from the overall experience of the end-customer. Imagine signing up for a cloud offering and being told at the end of your registration that you will be notified once your service is completely configured and ready to go. That is completely different from signing up and being able to use the service right way. When it comes to data security, the same is true in that the end-customer's experience with the application should not be inhibited in any way. There may be additional policy configured required by the end-customer but this is where a default set of policies makes sense. As part of the on boarding process (the part that says that you are 50% complete in optimizing your profile) the user can be directed to a section that allows for adjusting security policy based on the specific requirements of the end-customer organization. The goal is to create an elegant and frictionless end-user experience, which is accomplished by giving attention to design and leveraging automation wherever possible.