How Software Asset Management helps prevent cybersecurity attacks
According to various studies in 2018, an alarming 54% of companies experienced some sort of cybercrime 'event'. It takes organizations an average of 191 days to identify a data breach, and the average ransomware attack costs an organization USD 5 million.
With this in mind, everybody is aware of the threat and the risks, both of which increase month by month. But how can you lower the risks? By buying security solutions? Sure. By not using the internet? Sure. By many other things? Sure. But have you ever looked at your Software Asset Management solution and procedures within your organization? Did you know that Software Asset Management can help prevent cyberattacks and lower your risk?
With Software Asset Management you collect a large amount of data about your IT environment and its usage. A lot of that data tells you important facts about the usage of your datacenter and clients. This data is very useful for your cybersecurity defense strategy. After all, a proper strategy starts with knowing what you have … Here are just some examples from day-to-day practice.
To get access to an IT environment one needs an account. Information on which accounts are used, which are not used (anymore) and which rights each account has helps you detect abnormalities. The Software Asset Management discovery and inventory platform (or tool) will give you information on bad password attempts, last password change, last time used for logon, user accounts with administrator rights, and stale device and user records. With this information you will be able to take appropriate action in time. Besides account information, you will be able to discover information on your hardware. As an example: which hardware has not been used for a long time? Is that device (or server) a spare? Out of service? In repair? Decommissioned but still in the Active Directory?
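As an added illustration (not part of the original article or of any SAM product), the account checks listed above can be run over an inventory export with a few lines of Python. The CSV column names, the sample rows and the thresholds (90 days without logon, 365 days without a password change, 10 bad password attempts) are assumptions made for this example.

```python
import csv
import io
from datetime import date

# Constructed sample of an account inventory export; column names are assumptions.
SAMPLE_EXPORT = """account,enabled,is_admin,last_logon,pwd_last_set,bad_pwd_count
j.smith,true,false,2024-05-28,2024-03-01,0
svc-backup,true,true,2023-01-15,2021-06-30,0
a.jones,true,false,,2024-04-10,0
t.admin,true,true,2024-05-30,2024-05-01,27
old.temp,false,false,2022-11-02,2022-10-01,3
"""

def _days_since(value, today):
    """Days between an ISO date string and today; None if never recorded."""
    return (today - date.fromisoformat(value)).days if value else None

def triage_accounts(csv_text, today, stale_days=90, pwd_max_days=365, bad_pwd_limit=10):
    """Return {account: [findings]} for enabled accounts that need review."""
    findings = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["enabled"].lower() != "true":
            continue  # already disabled, cannot be used to log on
        notes = []
        is_admin = row["is_admin"].lower() == "true"
        idle = _days_since(row["last_logon"], today)
        pwd_age = _days_since(row["pwd_last_set"], today)
        if idle is None:
            notes.append("never used for logon")
        elif idle > stale_days:
            notes.append(f"no logon for {idle} days")
        if pwd_age is not None and pwd_age > pwd_max_days:
            notes.append(f"password unchanged for {pwd_age} days")
        if int(row["bad_pwd_count"]) >= bad_pwd_limit:
            notes.append(f"{row['bad_pwd_count']} bad password attempts")
        if notes and is_admin:
            notes.insert(0, "ADMIN RIGHTS")  # put privileged accounts first in line
        if notes:
            findings[row["account"]] = notes
    return findings

if __name__ == "__main__":
    for account, notes in triage_accounts(SAMPLE_EXPORT, date(2024, 6, 1)).items():
        print(f"{account}: {'; '.join(notes)}")
```

Passing the reference date in explicitly keeps the result reproducible, so the same export can be re-checked later and compared.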
Software you know, and which you don’t
SAM will provide you with all software detected within your organization, including a practical overview of all editions and versions. With that comes (it really should…) a list of all software near or past its end-of-support date, which is a risk on its own. It also shows the service pack level of your software: are you up to date?
Furthermore, you will get an overview of all (cyber)security software, its deployment and its update status. After all, good prevention starts with current algorithms and security updates.
A proper SAM solution also provides you with information on web applications used. This comes in very handy when you want to know if shadow IT is used within your organization; SaaS applications you as a SAM-, IT or Lifecycle manager were not aware of.
Most modern SAM tools and solutions provide even more information, for example firewall, anti-virus and anti-malware exceptions. Is the firewall on a specific machine enabled or disabled? For a back-up server there might be a good reason to turn off a local firewall. But other systems? When you do not know, you are at risk by default. By knowing, you will be able to act.
Do you know which users have external access to your IT environment? Sure you do. But do you also know all the people who have access to your cloud documents, in SharePoint or Teams as an example? It is so easy for users of those systems to bring in an external user by inviting them to co-author a document. By default, after the work is done, the account remains active within the environment. SAM platforms or tools with a cloud integration option will give you an overview of all those accounts. You will then be able to block access for the accounts that are no longer used, and so lower your cybersecurity risks.
Another commonly seen security risk: mobile devices with ActiveSync access to Exchange for e-mail. One would also find a lot of private mobile devices with ActiveSync enabled. As long as the device is still used by the employee and you are fine with such usage, no problem. But people tend to switch smartphones more often than their socks. What if … Do they tell you? I’ve seen lists of thousands of mobile devices with ActiveSync within organizations with only a couple of hundred employees.
The holy grail?
These were just some examples. Which raises the question: is a proper Software Asset Management solution the holy grail to prevent cybersecurity misery? No, it is not. But is it a good starting point for gathering lots of information which you can use to lower risks and take protective measures? Yes, it is. And since every organization has – or should have – Software Asset Management in place, why not use it?