[BreachExchange] Why Managing Your IT Inventory Is Vital To Staying Cyber Safe
Destry Winant
destry at riskbasedsecurity.com
Fri Nov 9 09:35:12 EST 2018
https://www.informationsecuritybuzz.com/articles/why-managing-your-it-inventory/
Cybercrime is a growing epidemic that affects businesses of all sizes.
Organisations have a responsibility to protect the data of their
employees and customers. So they are investing in expensive hardware
and software solutions. Yet businesses don’t realize that without
effective management of those solutions, every component they add to
their IT inventory becomes a new point of vulnerability.
Cybercriminals can exploit unaccounted and out-of-date hardware and
software to hack systems. So companies need to put effective IT asset
management solutions in place.
What IT Asset Management (ITAM) Entails
IT managers have to keep track of their IT inventory. They have to
deal with contracts, licenses, updates, and regulatory compliance
issues. The use of the cloud and mobile devices are adding new layers
of complexity. In the early days, managers could get away with using
spreadsheets to keep track of their IT assets. Today most
sophisticated operations use some form of IT inventory management
software. These tools are better suited to deal with various aspects
of IT asset management:
Hardware Asset Management: IT departments have been dealing with
servers and workstations for a long time. But that doesn’t mean that
it has gotten any easier. A good ITAM practice requires that hardware
is properly tagged and tracked throughout its lifecycle. The firmware
of each hardware needs to be updated regularly. A good IT inventory
management software has the provisions to handle the complexity of
dealing with various aspects of hardware management.
Software Asset Management: Software provides a different set of
challenges. IT departments have to prevent unauthorized software
installations. They have to ensure security updates are regularly
applied to installed applications and access management rules are
followed properly. Good ITAM tools can keep track of software updates,
license expirations, and compliance requirements. Regulatory audits
are easier with software asset management.
Cloud Asset Management: Cloud-based services like SaaS, IaaS and PaaS
are relatively new developments. So IT departments are still trying to
figure out how to address various issues. In a pre-cloud environment,
teams had total control over the IT inventory. But cloud environments
use the shared responsibility model. Most ITAM tools are still not
highly evolved for cloud asset management. So IT teams need to pay
special attention in this area.
End-User Mobile Device Management: More companies are adopting
bring-your-own-device (BYOB) policies. Even though its great for
productivity, its a nightmare for implementing security. Tracking and
monitoring BYOB devices through IT inventory management is a high
priority for IT departments.
Why ITAM is Crucial for Effective Cybersecurity
For any modern organisation, it’s not possible to create a robust
cybersecurity program without having an efficient ITAM solution. There
are just too many tools and services to keep track of.
For example, a single employee might have a PC, a mobile phone, and a
tablet. In addition, the employee might have access to various servers
and cloud applications. If cybercriminals can obtain even one password
to any of these endpoints, they can often use that password to hack
into other systems to gain more valuable information.
Also, cybercriminals can launch sophisticated phishing attacks,
exploit software vulnerabilities or steal employee devices. IT teams
need to fight battles on all fronts by keeping software and hardware
up-to-date and having the capability to shut down stolen devices.
Recent attacks in the UK shows cybercriminals are taking advantage of
all these vulnerabilities.
British Airways Hack: Financial information of around 380,000 British
Airways passengers were hackedduring a 15-day breach in August 2018.
Initially, British Airways didn’t know how the hackers got access to
the data as there wasn’t any internal breach. Later security experts
discovered that the scripts for its baggage claim information page
were changed just before the hack started. The cybercriminals
exploited the weaknesses of those scripts to intercept customer
information. This shows an important reason for having ITAM solution.
There is no information available about how BA managed its IT
inventory in this case. But good ITAM solution would make finding
vulnerabilities like this easier for security experts. Experts would
be able to discover problems faster using ITAM historical data.
Without proper ITAM, the same task will take significantly longer or
even make the problem untrackable. It will increase the chances of
future attacks.
NHS WannaCry Attack: The WannaCry ransomware attack of UK’s National
Health Services (NHS) caused canceling of 19,500 medical appointments,
locking of 600 computers at GP surgeries and put 5 emergency centers
out of service. The damage could have been worse if a security
researcher hadn’t accidentally discovered the kill-switch to the
ransomware. But this attack could have been prevented in the first
place through IT asset management. If NHS had updated their Windows
operating system properly, the WannaCry could not have caused this
havoc.
Establishing a Cyber Resilient Business Using IT Asset Management
IT asset management will not solve cybersecurity problems
automatically. Businesses need to design and implement their IT
inventory management software with cybersecurity assessment in mind.
However, cybersecurity-aware ITAM solutions will help your business in
multiple ways. Here are some of the benefits:
Visibility and Transparency
ITAM solutions designed with cybersecurity objectives will help you
find security risks faster. If you have a configuration management
database (CMDB) for your IT assets, you can easily pinpoint when a
problem happens. With regulations like GDPR, this becomes more
important as you are legally required to report your security
breaches.
Early Security Threat Detection
Hardware asset management and software asset management tools keep
historical records or logs of various information. This information is
a great resource to recognize irregularities or anomalies. This data
can help your business early detect cyber attacks and take preventive
measures.
Data Traceability
Data is the most valuable resource for businesses in the information
age. Your ITAM solution gives you the ability to organize and align
the data from your employees, your customers, and your infrastructure.
So you’ll have more control. It’s an important tool for tracking and
securing data.
Cost Optimisation
Cybersecurity is expensive. Most companies stop tracking their
hardware or updating their software due to the associated costs.
Initially, an IT inventory management solution might take resources to
set up. But it will save you time and money in the long-run. It will
make tracking and updating hardware and software assets easier and
more efficient.
In Conclusion
No solution can stop all cyber attacks. But an ITAM solution can help
your organisation build the necessary security strategies to improve
your chances of preventing an attack. And a robust ITAM solution can
help your business stay safer.
More information about the BreachExchange
mailing list