Asset

Management

To be able to keep your business cyber safe you have to know what you have before you can manage and protect it. In cyber security we call this asset management.

Sarah Hurley, COO XaaS Ltd

In a bit more detail:

Assets are the things of value you hold within you business. These include hardware (servers, networking equipment, printers, etc.), software and data.  Asset management is the term given to the combination of identification (asset inventory), lifecycle (cradle to grave), configuration and change control relevant to your assets.  An asset inventory is critical to your business as you cannot protect what you don’ t know you have.

Here are 4 quick wins to start you on your cyber-health journey to improve in asset management; click on the icon or scroll down to see more detail:

Know what you have

Assign an owner

Know what data is on it

Maintain it

Know what you have

The first step in securing your business and keep it cyberXafe is to understand what needs protecting.  This ranges from physical stock to the software and data that your business needs to function.   These should then be recorded in a list called an asset register. 

If you don’t have an asset register already, you can always download our XaaS Asset Register Template to get you started.

Some simple steps you can take to set up your asset register are:

Assign an owner

You need to know who has control of an asset so that you know who is responsible for keeping it safe.  You can’t protect a laptop if you don’t know who is using it, so assign a responsible person against each asset or group of assets.

Some simple steps you can take to assign ownership are:

Know what data is on it

For the most part, assets will be used to store or process information (such as laptops or cloud services).  Knowing what type of information the asset holds and its importance to the business will help your business understand how much protection it needs.

Some simple steps you can take to know your data are:

Maintain it

All assets need maintain and regardless of how well designed contains security flaws called vulnerabilities.  These vulnerabilities can be leveraged by attackers to gain access to not only your devices (such as computers, laptops & mobile devices etc.) but can also gain access to on-line services like email or your bank account, by capturing information as you log into your sites.

To combat this, software vendors release updates that patch the vulnerability.  How often a vendor releases a patch is dependent on the vendor and severity of the vulnerability.

Some simple steps you can take to maintain your systems are: