Computerworld - Do you know where all the licensed (and unlicensed) copies of Visio 2000, Yahoo tool bar, Xupiter DLLs or Outlook Express are in your company's systems? Do you know who still has the Windows Messenger Service turned on? If not, it may be time for a hardware and software asset inventory.
There was a lot of buzz about asset inventory at last month's 2003 RSA Security conference in San Francisco. It was an emerging theme that came through for those who attended sessions on vulnerability management, patching, intrusion detection, security management, emergency response and selling security to senior management. You can't protect your information and the information infrastructure if you don't know what it contains. In other words, you must have an inventory of your assets.
That makes sense, so what's the issue here? There are plenty, according to Steve Crutchley, chief security officer and co-founder of 4FrontSecurity, an enterprise security services firm in Reston, Va. At the RSA conference, Crutchley discussed ways to make information security relevant for an organization's board of directors. "Many organizations I have counseled lack an effective asset inventory. Without an asset inventory, how are the systems and network engineering groups supposed to sift through security alerts and know which ones apply to them and which can be discarded?" he said.
Peter H. Gregory, CISSP, CISA, is an information technology and security consultant, a freelance writer and an author of several books, including Solaris Security, Enterprise Information Security, and CISSP for Dummies. As a consultant he provides strategic technology and security services to small and large businesses.
He can be reached at p.gregory@hartgregorygroup.com.
His Web site is www.hartgregorygroup.com.
Blended threats raise the bar
The phenomenon known as "blended threats," whereby worms and Trojan horses use multiple propagation paths (see story), is ushering in a new generation of security products that contain the best of intrusion-detection system tools and the automated processing of vulnerability alerts from product manufacturers and the CERT Coordination Center.
These products fall into the new niche known as vulnerability management. They work by keeping tabs on the latest vulnerability alerts, cross-referencing them against your hardware and software and creating "hits" when the two intersect. These hits translate into tasks where a systems administrator or network engineer needs to install a patch, change a configuration or mitigate the new vulnerability by some other means.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
