How confident are you that you have total asset visibility?
BT explains why real-time asset discovery should be high on the agenda of every CIO and CISO
When everything appears to be ticking over in an organisation’s IT estate it’s easy to assume that its asset awareness strategy is up to scratch.
Then a major incident hits and all kinds of organisations discover they don’t know what’s on their network, what risk these assets pose or how to mitigate the threats. Lack of asset awareness delays critical incident responses and allows threats to spread across networks, amplifying damage to organisations and disrupting business.
Asset discovery goes beyond security
While incidents like WannaCry were a wake-up call for most security teams, the deficiencies they highlight have wider consequences we shouldn’t ignore. Yes, from a security point of view you need to know what’s plugged into your network and what you’re accountable for, but asset assessment is also vital for compliance, cost and management reasons.
Insufficient asset knowledge means you don’t know where your data is and can easily result in non-compliance with regulatory mandates such as GDPR, HIPAA, PCI, FISMA and many more, triggering heavy fines. Plus, an inability to track software and hardware accurately through an up-to-date inventory has significant cost implications, too. You could be wasting money by paying for too many licenses, or not paying for enough. One client we worked with turned out to be paying for hundreds of thousands of pounds worth of licensing they didn’t need.
An inaccurate inventory also leaves you open to paying to support and operate unnecessary assets. When we run inventory exercises, we often discover a whole load of equipment still powered on, for example, consuming electricity and taking up valuable data space.
From a management point of view, an accurate picture of your assets is essential to identifying technology that needs to be refreshed or replaced if it’s coming to the end of its life. And without this accurate picture, you’ll struggle to work out how you can best consolidate your supplier contracts.
A healthy network knows its vulnerabilities
WannaCry underlined the fact that, where network discovery is concerned, some visibility is effectively no visibility. Not only is that one device that’s missing from your asset inventory an easy entry point for hackers to get into your network, it’s also a point of potential network failure due to a lack of device health information, monitoring or support. Yet, according to Gartner (Market Guide for Operational Technology Security, 2017), half of enterprises only perform asset management once a year and 20 per cent only once every five years.
'Asset management becomes even more vital when you remember that devices are joining your network all the time, introducing more vulnerabilities'
Asset management becomes even more vital when you remember that devices are joining your network all the time, introducing more vulnerabilities — from vending machines to air conditioning systems, the Internet of Things is increasing the volume of devices on your network exponentially. And to this you have to add the threats posed by the creep of shadow IT devices onto your network. The picture gets even bleaker when you consider that less than ten per cent of new devices connecting to corporate networks will be manageable by traditional methods by 2020 (ForeScout Technologies, Internet of Things Solution Brief, 2017).
Futureproof your asset discovery
Customers look to asset discovery services for a variety of reasons. Some aren’t confident that their inventory is complete. Others are concerned the information in their database is inaccurate or is spread across a variety of systems, only some of which automatically update. And, in some cases, the listing is complete and correct, but it doesn’t include all the attributes they need to report on.
Because we build and control networks, we have visibility across them and access to everything on them. We’re able to use this data to build a comprehensive picture of assets, automating and orchestrating the discovery of devices on a network. Not only does this deliver an inventory that’s always up to date, our customers are able to put policies in place that identify any new device being plugged into their network. They can then isolate and control the device, moving it from their critical assets into a different segment. As a growing number of network advances rely on a solid inventory database to function, our asset discovery service is a new way of managing assets that’s specifically designed to meet the challenges of today, as well as those of the future.
Click here to read BT's report - SD-WAN is the cornerstone of network transformation
Agency invites submissions from central and local government
Newly released code allows developers to embed additional security features
Digital agency looks to bring emissions caused by its online services down to zero
MoJ-sponsored entity looks to appoint leader to spearhead transformation
BT looks at how to secure your SD-WAN services, starting with security by design
Nigel Hawthorn looks at how to review cloud use, report on risks and apply policies to reduce likely data loss incidents in this latest insight from BT
New network technology creates new risk, but the same technology is driving a step-change in how we think about security, writes BT
After more than 20 years of stability, networks are going through a period of dramatic transformation. BT looks beyond the hype at the real benefits of virtualisation.