Corporate networks have evolved in recent years. Many have exploded in size as a result of organizations diversifying their IT environments to include cloud, virtual, and mobile devices. As such, corporate networks are much more dynamic in nature. It’s now commonplace for devices to connect, reconnect, and disconnect from the enterprise network, especially with regards to Bring Your Own Device (BYOD) items like laptops and smartphones.
The changes discussed above symbolize the challenges of organizations doing business in a digital age. Unfortunately, that pressure to constantly adapt to new technology has produced new security risk. Networks are such that enterprise security teams don’t often control all assets, which makes the task of gathering insights into devices difficult. Additionally, with networks spread across cloud, virtual, mobile, and on-premises environments, blind spots are likely to arise. If they do, attackers could exploit those oversights to conceal their malicious activity.
IT personnel can defend against these nefarious individuals by gaining visibility over their organization’s networks. They can start by leveraging what’s known as asset discovery.
A foundational IT security measure, asset discovery encompasses the first two of the Center for Internet Security’s (CIS) Critical Security Controls (CSC):
- CIS CSC 1 recommends that organizations develop an inventory of authorized and unauthorized devices. Doing so will help them manage and provide access to all hardware devices. It will also empower them to deny access to unauthorized and unmanaged products that a bad actor could leverage to attack the organization and its business-critical assets.
- CIS CSC 2 advocates the practice of organizations creating an inventory of authorized and unauthorized software. They can then use that inventory to discover, track, and correct all authorized software on the network. Any software not included in that inventory won’t be able to install or execute on network devices.
To illuminate every corner of their network, organizations should invest in an automated solution that incorporates asset discovery best practices. That solution should begin by scanning through the IPv4 or IPv6 network address ranges and analyzing traffic for identifying possible hosts. Once it’s uncovered those hardware devices, the tool can record more granular information, such as possible connections the device might share with other assets, configuration, maintenance and/or replacement schedule, relevant software installations, and usage. The utility can then broaden its scope to discover storage devices and assets that might operate in remote locations.
But companies don’t have to stop there. They can acquire even more visibility over their organization’s network by looking for specific capabilities in their asset discovery tool. For instance, enterprises can leverage dynamic host tracking to manage portable hosts as they connect, disconnect, and reconnect to different networks, and they can use hierarchical asset organization to classify assets in a structure built using business context. Alternatively, they can look for an asset tagging capability that lets them identify assets based on technical owner and regional location as well as advanced support features for discovering devices and software across the cloud, virtual environments, and mobile.
Tripwire offers a comprehensive asset discovery tool known as the Asset Discovery Appliance. This solution provides a continuous profile of all hardware and software on an organization’s network. Security personnel can, in turn, use that inventory to conduct effective security configuration management of all known assets. If their organization uses Tripwire Enterprise, they can also correlate at-risk application and asset changes to proactively address potential security issues.
To learn more about Tripwire’s Asset Discovery Appliance, please click here.
Asset discovery is just one of the foundational controls that organizations should look for when purchasing a new or replacement solution. To learn about additional security measures, please download this whitepaper.