Why Asset Management is the First Step in Cyber Hygiene
Your challenge: managing millions of dynamic, distributed, and diverse IT assets.
With globally distributed workforces and assets hiding in the shadows growing exponentially, maintaining a complete and accurate inventory of every IT asset and achieving real-time visibility at scale is more challenging than ever before. After all, to keep our doors and windows locked, we need to know how many there are and where they are.
Yet the industry has failed to deliver a viable solution to the visibility problem, offering hub-and-spoke models that slow and saturate networks and instead limit visibility in modern and complex environments.
It’s no wonder many organizations can’t accurately report essential details about their environment. Solving this problem requires you to get back to basics.
To preserve and improve cyber hygiene, you first need to know what IT assets you have. Do you have 50,000, 100,000 or 500,000 computers and servers in your organization? Where are they? What are they? What’s running on them? What services do they provide?
Answering those questions is what developing asset visibility—and following an asset discovery and inventory process—is all about. It’s the foundation for creating and maintaining cyber hygiene.
Why cyber hygiene depends on asset visibility
To manage your endpoints, you need three levels of knowledge:
- What assets do you have, and where are they?
- What software is running on them, and is it licensed? You need more than a hostname or an IP address.
- How do the machines on your network relate to one another, and what is their purpose? In the world of servers, for example, you may have a group of servers that exist solely to host a service, like a company website.
All companies need this information, which in modern IT changes constantly. Network assets come and go, especially with bring-your-own-device (BYOD) policies and more companies encouraging employees to work from home (WFH).
And as networks become more complex and change faster, it becomes harder to maintain visibility into them. The consequences of losing sight of what assets there are and what those assets are doing become greater and greater.
Why organizations struggle to create asset visibility
There are two primary reasons why organizations struggle to answer basic questions about their assets to maintain cyber hygiene.
1. Endpoint discovery has become a constantly moving target.
Not every endpoint on a network is a desktop computer, laptop, or server. There are printers, phones, tablets, and a growing number of consumer and industrial internet of things (IoT) devices. Mobile device management (MDM) is a growing application field.
But why should you have to worry about a consumer IoT device compromising the corporate network? Consider an employee working from home whose company security team is receiving alerts that someone is trying to break into her laptop. The source is a refrigerator with malware scanning her home network and trying to get into her device, which was temporarily on the corporate network. The same thing could occur with a smart light switch, thermostat, security camera, you name it.
Every device type can create operational and/or security risks, and the number of these types will only continue to increase in the coming years.
2. Legacy tools struggle to create visibility in this new environment.
Asset discovery tools built 10 years ago preceded many of the things modern IT environments operate with daily. Two examples: containers and hybrid clouds.
These tools can’t handle the rate of change we see now. Yet organizations often remain attached to the tools they’re comfortable with, many of which are not easy to use. They may take pride in mastering hard-to-use tools. Maybe they wrote custom scripts to make them work more effectively.
The unintended—and unfortunate—consequences of that are IT policies and processes crafted not because they’re the best way to address an issue, but because they fit the capabilities of the tools in use. It’s the IT version of “if you have a hammer, everything must be a nail”, with the policies being “we must nail things.” Entrenched tools become part of the IT ecosystem. But the best IT policies should be tool-agnostic. A tool built in 1993 or 2010 can’t offer that flexibility.
Next step: zero trust
Cyber hygiene is just the first step toward creating a more secure organization. The right asset visibility capability will also lay the foundation for nearly any zero-trust strategy or solution you choose to bring to life.
When everything is a network device, everything is a potential security vulnerability. You need policies and procedures that break endpoints into three categories: managed, unmanaged, and unmanageable.
Endpoint discovery is the first crucial step in the trend toward zero-trust solutions. CSO Online describes zero trust as “a security concept centered on the belief that organizations should not automatically trust anything inside or outside its perimeters and instead must verify anything and everything trying to connect to its systems before granting access.”
Threat response and remediation tools are only as good as the breadth of endpoints they’re running on. And with the endpoint acting as the new perimeter, endpoint discovery really is where cyber hygiene and security begin. Implementing a zero-trust practice thus becomes the next meaningful step on that journey.