ITAM is involved with almost every facet of the IT organization. The one place that is sometimes missed is IT security. IT Security; those wonderful folks who keep the organization safe from digital threats and vulnerabilities. How can these groups help each other? Easy, by augmenting existing data and creating a more efficient IT organization. The data in question is different for every organization. It could be asset ownership, last logged on user, or the location the asset was deployed.
Data is the lifeblood of asset and security teams. Asset is using discovery and inventory data to understand the number of deployed assets, locations of assets, software installations, and entitlements. Security is using massive amounts of data to assess security threats, system vulnerabilities, and respond to security incidents. The goals of these teams overlap when you think about the fact that security needs to know basic asset information and asset could be augmented through use of some basic security data. Locations, users, anti-virus touches, and police reports are all pieces of data that both groups could share.
If these teams can share data, then comes the problem of where to store it? The most logical place is the asset repository. The majority of data that is being shared is there already. User, Location, Software related information. Adding data from security should be fairly simple. Another reason to use the asset repository, IT security typically does not want to grant access into its systems to just anyone. It’s typically easier to grant access into the asset repository. Access can be limited for security personnel to read only.
Security may want a say in new models of devices being brought into the organization, or in the collection of retired assets and the processes used to wipe and secure assets for disposal. The ITAM team is in a great position to provide reporting to the security team as needed. From experience, reports around disposed assets, primary user and last logged on user mismatches and assets reported as lost/stolen. Security can help put a software blacklist in place to prevent the installation of unapproved applications. They can also whitelist any approved software, as well as, remove admin rights from end user computers.
By leveraging the data, knowledge, and processes that each team has, the overall IT organization can become more efficient in reacting to incidents and controlling the ins and outs of assets. Participation on the governance board, governing of software installs, augmentation of the data in the asset repository and allowing the security folks a view into the asset data are different ways ITAM and IT security can help each other.