How many endpoints or devices are on your network right now? First of all, are you confident that you actually know the answer to that question? Assuming you think you do, what are the odds that other teams or individuals in your organization will give me the exact same answer if I ask them the same question? Having visibility and knowing what assets exist on your network is important, but it is also important to have a single source of truth for that information so everyone in the company is making decisions based on the same information.
Michael Smith, an information security engineer with TravelClick, presented a session at the Qualys Security Conference last fall titled “Gaining Total Visibility of Your Environment.” In it, Smith described some of the challenges that arise through mergers and acquisitions, and the issues involved in managing and protecting a heterogeneous environment of diverse hardware, operating systems, and applications.
TravelClick is certainly not unique when it comes to the need for visibility and a single source of truth. Maintaining an accurate inventory of IT assets is a huge problem that many, if not most, organizations face. Often there are proof-of-concept deployments, temporary projects, and test environments that are no longer being used, yet still exist as “ghost networks” in the environment. Businesses also have to deal with shadow IT: users deploying unauthorized hardware or implementing unsanctioned applications on the network.
The problem is that these ghost networks and rogue networks expose the environment to risk. If nobody is aware that the assets exist and nobody is responsible for actively maintaining them, it is likely that there are unpatched vulnerabilities that could provide a crack in the network's armor and allow malicious attackers to gain access.
The Three V’s
It’s imperative for organizations to have an accurate inventory of the assets on the network in real time. To manage asset inventory effectively, there are three things you need to focus on: Volume, Velocity, and Variance.
Volume relates to the sheer number of devices or assets on the network. The traditional view of servers, endpoints, routers, and printers is no longer sufficient. Today’s networks include a vast and growing array of devices, including mobile devices, IoT (internet of things) devices, containers and more.
Velocity refers to the rate of change in the environment. In a legacy environment it was relatively easy to keep tabs on the servers and endpoints on the network. Things did not generally change very quickly. That is no longer the case. Virtualization and cloud environments running containerized applications are just part of what makes networks today much more volatile, and that volatility makes it very difficult to maintain an accurate asset inventory from one hour to the next.
Variance is about ensuring that everyone is referring to the same thing and speaking a common language. Even questions that seem to have an obvious answer can have very different responses depending on who you ask. It’s like an IT asset management version of the telephone game.
Single Source of Truth
As important as visibility and the “Three V’s” are for asset management, it’s also crucial to streamline access to asset inventory information and provide a single source of truth. Various tools and platforms provide some sort of asset inventory capabilities, but each has a limited scope and view of the network, and it becomes a cumbersome, manual process to try to integrate and correlate that information.
Having a single IT asset inventory tool with comprehensive visibility of the entire network simplifies the process of collecting and maintaining the asset inventory in real time. It also provides an organization with a trusted resource to act as the single source of truth for asset inventory, which is vital for ensuring that all teams within the organization are working from the same playbook as they make decisions and execute plans.