Ensure a Continuous Process for Adding IT Assets to the CMDB
Asset management involves all of the policies, processes and procedures shepherding IT assets from acquisition to retirement.
Everything begins with an organization’s process for bringing in new IT assets and making sure they’re added to the CMDB, along with information about the date of purchase, means of procurement, cost and end of life. This not only helps security teams see what’s owned and authorized but also aids IT staff in controlling or reducing costs over time.
Track and Manage Assets Whether Deployed or in Use
Discovery tools, such as Microsoft’s System Center Configuration Manager or ServiceNow’s Discovery, can tell admins what’s in a government IT environment and populate information if an incident is reported with, say, a laptop. Organizations should also note which assets are in use and which have been merely deployed.
A bad process is better than no process in these instances; a process can always be improved and provides consistency useful in training new hires.
RELATED: Better asset management will help the Army with its three big challenges.
Respond to Vulnerabilities Before They’re Exploited
Asset management supports security operations by increasing the visibility of what is in the IT environment. Early detection is an important aspect of SecOps, so vulnerabilities can be patched before they’re exploited. Time is of the essence here.
Detection tools alerting analysts to cyber incidents can feed into the ServiceNow platform, as can tools identifying vulnerabilities to prevent a zero-day exploit. Automation can validate that patching has occurred, check for vulnerabilities multiple times per day and help with incident response.
