Why IT Asset Inventory is Important
Written by: Derek Pocoroba
How many marbles are in this jar? 20, 50, 100? This question is similar to a question we have been asked or have asked dozens of times. “How many XYZ do you have in your environment?” XYZ can be users, devices, workstations, domains, IP address. The list can go on and on.
The scarier part of this question is the answers I often hear back. If you talk to HR, you get one response. Talk to IT; you get a different response. Talk to security, and they give you an even different response. A lot of times, the answer is “ I don’t know.”
Why inventory is important:
When you think about building a solid cybersecurity foundation, it’s highly critical to know what assets you have in order to know what you have to protect. I bet if I asked you to count the windows and doors in your home, you would be able to do that accurately; having the same ability in your network should not be any different. Of course, doing this for tens of thousands or more devices is not always easy. However, you can’t protect what you don’t know exists. Therefore I strongly feel that device, node, etc. inventory is so important and should be the near number #1 priority in a robust cyber defense.
How to handle it:
Fortunately, there are many ways to help handle this task of tracking. There are specific tools and platforms that exist solely for tracking assets, nodes, IoT, etc. devices on a given network and cloud networks. You can use records from things like DHCP and ARP table entries. Gather information from Active Directory. Feed data into Syslog services. Look at IP table usage. Your mileage will vary based on your IT maturity, network size, and budget.
Also, keep in mind that not all assets will exist behind the “walls” of a centralized network now. You have multi-cloud, IoT, remote workforce, and BYOD devices to worry about. All of these devices can pose cyber risk to a company and its customers.
“How many IoT fishtanks does your network have?”
The best thing you can do is get started tomorrow. Start to at least gather some information about the networks you manage. I bet you will be shocked at the number of devices you have utilizing the network. Start to think about trending and how the usage goes up over time. You will rarely see network usage and inventory decrease. The threat actors are always looking at your public assets. The last thing you want is for them to know of something you don’t. Remember that old development website you stood up for marketing three years ago? They didn’t… go check.
Learn More about TG Secure Pro
Are you ready to be proactive instead of reactive? Contact us today.
Stay up to date with the current trends in cybersecurity by subscribing to our YouTube channel.