For HR tech organization PlanSource, safeguarding sensitive and private employee data is crucial to business operations.
An accurate IT and cybersecurity asset inventory is a core piece to know what’s going on in IT environments — and to protect this very information.
“I think most organizations struggle with understanding what inventory they have,” said David Christensen, VP and CISO at PlanSource. “When they’re doing an assessment of vulnerability, they struggle with understanding if they have gaps. So without having an adequate and accurate inventory, you may end up having a bigger gap than you expected.”
These gaps affected how the PlanSource IT and security teams assessed vulnerabilities in their environment.
“We would believe we scanned our entire network, and understood what our actual threat and risks were — only to find out later on that we were off by 10% to 20%,” Christensen said. “That was almost an accepted risk that we really didn’t want to accept.”
This inaccurate picture of the actual risks with PlanSource’s environment soon impacted the teams’ daily operations. Even though multiple teams supported the same environment, they’d often have different answers when they inventoried assets.
The mixed results were definitely not working for IT and security. It was time for a tool to conduct cybersecurity asset inventories. But the solution needed to do the following:
- Integrate all their services within the PlanSource environment
- Maximize visibility
- Eliminate the person-hours required for cybersecurity asset inventories
“We needed something that could really highlight the problem, without spending so much time trying to get to the problem,” he said.
Understanding the truth using Axonius
Christensen had looked at other cybersecurity asset inventory solutions in the past, but “almost all of them took an approach where they weren’t really looking at the source of data in a real, true sense.”
He quickly figured out that Axonius was tapping into an area that other products and solutions weren’t addressing.
The Axonius cybersecurity asset management platform provides true visibility into the state of the PlanSource environment, responds quickly when an asset deviates from a policy, and expedites vulnerability remediation.
With Axonius, the IT and security teams are more proactive than ever before. They’re saving person-hours, with a more accurate understanding of what’s happening across the PlanSource environment.
“Let’s face it, asset inventory is not a fun thing to do,” Christensen declared. “Having an asset inventory product like Axonius gives us that accurate view on what we have and what is deployed on those assets. When we have to identify the impact of a zero day, we’re hitting 99% to 100% accuracy.”
Along with a more accurate cybersecurity asset inventory, the PlanSource teams have more visibility into areas by leveraging their existing data. Christensen said they’ve identified processes and procedures that didn’t exist before, needed updating, or had to be created.
The Axonius platform also helped PlanSource maximize its investment into its security program.
“When I’m being asked: ‘Do we have adequate controls to protect against a new vulnerability, zero day, or active attacks that are happening in the industry?’, I can confidently go to the board and my executive leadership team and say, ‘Yes, we have the right tools in place,’” he explained.
Read this case study to learn how the PlanSource IT and security teams work together to leverage the Axonius platform.