Let’s first talk about asset discovery in general and why it is useful, even critical, to most organisations.
What Is Asset Discovery?
Asset discovery is the ability to provide visibility of all devices located within an organisation with limited or no human interaction. Most organisations would start off manually maintaining a list of their devices or assets in a shared document such as an Excel spreadsheet, making changes whenever a new device is either acquired or depreciated.
This process is manageable when organisations are relatively small and not that complex. However, this method becomes very flawed when organisations or networks begin to grow. One of the main pain points with this methodology is time. Keeping these lists updated can become a full-time job in some cases.
However, most organisations have caught on to the fact that device management is a critical part of not only their operations process but also their security process, and not having visibility or knowledge of devices on their network could open them up to potential security week points. For example, how do you know which devices need to be patched if you don’t know they are there?
With all that being said, there are a few methods organisations can adopt to assist in this regard, and to be honest, most organisations most probably have already purchased software solutions that could assist.
A good example of this would be along the lines of a SIEM or log management solution. Most mid- to large-size organisations would or should have some form of log management solution in place for either fulfilling a compliance requirement or maintaining good security practices. These tools can usually provide some form of asset discovery functionality without any additional cost. The difference being what level they provide out-of-the-box and how much they can be (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Dean Ferrando. Read the original post at: https://www.tripwire.com/state-of-security/ics-security/what-passive-asset-discovery/