This is the first part in a series of posts where we’ll look back at how today’s complex environment created distinct challenges across several areas.
Back in the day, IT and security teams oversaw laptops, desktops, and servers — all in one physical location.
Conducting asset inventories used to be easier. IT environments included Windows machines in Active Directory. An antivirus agent was installed, along with some other kind of agent to push out updates.
Device management was simpler too, with someone keeping track on an Excel spreadsheet or the like.
Ahh, the good ol’ days.
Well, fast forward to 2023, and things changed — a lot.
Homogeneous environments disappeared when mobile devices, virtual machines, cloud instances, and IoT devices came onto the scene. Along with each device came a certain operating system and version. The number and types of devices added a new level of complexity to asset inventories.
For IT and security teams, device management became about trying to count, manage, update, and secure a gigantic sprawl of assets. And it posed a whole lot of new challenges.
Today’s device management challenges
The transition from simple environments in the past to the complex, fragmented device environment happening now created a bunch of asset management obstacles in cybersecurity.
Knowing what devices are in the environment
Discovering all hardware devices generally requires different tools just to identify what machines need to be secured. Most businesses use a patchwork of solutions to discover devices — like network admin tools and vulnerability assessment scanners.
Each of these tools represent one piece in the device puzzle. But none understand the entire hardware landscape. All the information is there, but there’s a “but”. The data is living in lots of different silos that don’t communicate with each other — and they all speak different languages.
Once each device is identified in the environment, cybersecurity teams need an ongoing process to constantly monitor new devices. Understanding and documenting all devices helps assure every asset follows cybersecurity policies.
Understanding what software is installed
All the devices are identified. There’s a continuous device discovery process in place.
Next up: knowing what’s on every device.
Inventorying all software installed means knowing things like:
- Operating systems
- Patch levels
- Installed apps and versions
Detecting potential issues
After an accurate inventory of assets (and what software is installed), next is knowing when a state change happens anytime to a device.
Unexpected actions may include configuration changes, open ports, or security agents being uninstalled, putting a device at risk.
The future of device management
Looking at both the past and the present of device management can help understand IT and cybersecurity teams know what to expect (and plan for) going forward.
Change is constant, so all security-related device management programs need to be built to adapt to the inevitable evolution and complexity of devices and cybersecurity and IT environments.
Today, asset inventory is ongoing — and definitely not a “one-and-done” event. Devices show up just as quickly as they leave. An asset inventory that’s accurate right now likely won’t be tomorrow — and certainly not in another month.
For an in-depth look into the state of device management, download “Back to the Cyber Future, Part 1: Device Management”.
