{"id":1346,"date":"2021-03-31T05:47:25","date_gmt":"2021-03-31T13:47:25","guid":{"rendered":"https:\/\/raffy.ch\/blog\/?p=1346"},"modified":"2021-03-31T17:39:40","modified_gmt":"2021-04-01T01:39:40","slug":"asset-management-back-to-the-roots","status":"publish","type":"post","link":"https:\/\/raffy.ch\/blog\/2021\/03\/31\/asset-management-back-to-the-roots\/","title":{"rendered":"Asset Management &#8211; Back To The Roots"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Asset management is one of the core components of many successful security programs. I am an advisor to <a href=\"https:\/\/panaseer.com\/\">Panaseer<\/a>, a startup in the continuous compliance management space. I recently co-authored a <a href=\"https:\/\/panaseer.com\/business-blog\/asset-management-metric-of-the-month\">blog post<\/a> on my favorite <a href=\"http:\/\/securitymetrics.org\/\">security metric<\/a> that is related to asset management:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>How many assets are in the environment?<\/p><\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">A simple number. A number that tells a complex story though if collected over time. A metric also that has a vast number of derivatives that are important to understand and one that has its challenges to be collected correctly. Just think about how you&#8217;d know how many assets there are at every moment in time? How do you collect that information in real-time?<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The metric is also great to start with to then break it down along additional dimensions. For example:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>How many assets are managed versus unmanaged (e.g., IOT devices)<\/li><li>Who are the owners of the assets and how many assets can we assign an owner for?<\/li><li>What does the metric look like broken down by operating system, by business unit, by department, by assets that have control violations, etc.<\/li><li>Where is the asset located? <\/li><li>Who is using the asset?<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">And then, as with any metric, we can look at the metrics not just as a single instance in time, but we can put them into context and learn more about our asset landscape: <\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>How does the number behave over time? Any trends or seasonalities?<\/li><li>Can we learn the uncertainty associated with the metric itself? Or in other terms, what&#8217;s the error range?<\/li><li>Can we predict the asset landscape into the future?<\/li><li>Are there certain behavioral patterns around when we see the assets on the network?<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">I am just scratching the surface of this metric. Read the <a href=\"https:\/\/panaseer.com\/business-blog\/asset-management-metric-of-the-month\">full blog post<\/a> to learn more and explore how continuous compliance monitoring can help you get your IT environment under control.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Asset management is one of the core components of many successful security programs. I am an advisor to Panaseer, a startup in the continuous compliance management space. I recently co-authored a blog post on my favorite security metric that is related to asset management: How many assets are in the environment? A simple number. A [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[37,15,35],"tags":[],"class_list":["post-1346","post","type-post","status-publish","format-standard","hentry","category-big-data","category-compliance","category-security-intelligence"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/posts\/1346","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/comments?post=1346"}],"version-history":[{"count":4,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/posts\/1346\/revisions"}],"predecessor-version":[{"id":1350,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/posts\/1346\/revisions\/1350"}],"wp:attachment":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/media?parent=1346"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/categories?post=1346"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/tags?post=1346"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}