Many organizations have transitioned, or are beginning to transition, to cloud-based workloads with multiple devices on a single network. This can make it difficult to keep track of all assets, and many organizations have not implemented an updated system for this process. The COVID-19 pandemic has only complicated this at the moment with a mass remote work deployment, leaving inventory chaotic and confusing.
An IT asset management (ITAM) program can help with cost savings, compliance requirements and regulating secure environments. Without an ITAM, it can lead to vulnerabilities in your network, because how can you protect it if you don’t know what you’re securing?
Assets to look for:
There are four main categories for assets that organizations have to manage – software, physical, mobile and cloud assets.
1. Software assets: This type of asset includes all software applications on any device within the organization.
2. Physical assets: This includes all hardware connected to the network– laptops, PCs, printers, etc.
3. Mobile assets: Smartphones, tablets, etc.
4. Cloud assets: Workloads that communicate with the network – cloud-based databases and applications.
What tools can be part of your ITAM security strategy?
Vulnerability assessments: This assessment can be used to scan and identify vulnerabilities on devices on the network. However, it should be used with other tools because vulnerability assessments can miss assets because It doesn’t know they exist.
Identity access management: These tools can authenticate and authorize users and devices to give a better and broader idea of what is on the network.
Network data mapping: This can help to generate a foundation of all hardware and software assets on the network.
Cloud access security brokers: These help control cloud deployments. They can also discover, control and secure access between end users.
IT asset management reporting: ITAM software can generate reports on hardware and software usage. This can provide information on workflows, life cycle and other metrics that will be important for insight on assets.
Questions to ask while organizing:
Asset managers will know to ask basic questions – such as, “Is this asset known? Is it managed? Where is it located?”, and more. However, they should ask additional, deeper questions to improve the security strategy.
How has the pandemic changed things in your environment?
You should consider how has your environment changed with the mass shift to remote work. There could be new laptops or other devices now in use and accessing the network remotely. These devices and connections could have been missed amongst the rush to remote working.
Do the assets align with business objectives?
This can go along with the changes that have happened because of the pandemic. All assets should be important to the purpose of the company, but if they no longer align with objectives, then they become liabilities.
How can you cut cost?
With each piece of hardware comes many software licenses. You should sort through each software installment and whether it is still being used or if it’s necessary. If software isn’t necessary anymore, it can save money once removing the software or cancelling any payment plans in place.
All of these aspects can help you put your own ITAM in place and create a strong security strategy. However, you have to continue to evaluate each aspect of the strategy to make sure it is still strong and there are no vulnerabilities that have arisen.