Do you know where all your devices are? Do you know where all your sensitive data is? If you don't your not alone. Many people have devices that they have lost track of over time. It may be a device that they upgraded and stuck the old one in a drawer somewhere. Maybe it got "legs" and walked away. Similar to a giant warehouse that can't function without an automated tracking mechanism, it will be all but impossible to track every piece of information in your IT systems if there is no data tagging or automated tracking method for that data. But how does something like an inventory affect cybersecurity?
One of the first premises for doing good cyber hygiene is to understand what you have. If you do not remember you have a device, you will not remember to patch it or update AV. Over time, it will develop vulnerabilities. If it's still on your network it may become a path in for the attacker. If the device gets "legs" and walks away it maybe walking away with critical and highly sensitive information on it. You also do not want to protect all data the same. You want to spend more resources on what is more sensitive and less resources on less critical data. So what do you do?
Large corporations often use specialized software packages to manage their inventories, and control devices and data. That is often not practical for smaller organizations. However, there is good news. Inventory does not have to be complex. It could be as simple as a spreadsheet of all the devices. It can be as simple as categorizing data, identifying the highest risk data and putting in rules around where that data can be accessed. There are plenty of cheap and easy ways to know about your devices and sensitive data.
Comments