A configuration management database (CMDB) is a repository that stores information about all of the hardware and software assets in a company s IT environment. Data stored in a CMDB includes information about products, facilities, software, and systems. Information stored in a CMDB provides an organized, up-to-date catalog of asset configurations and relationships. While a CMDB includes aspects of IT asset management (ITAM) and configuration management, it differs from that of an ITAM register that focuses on the configuration and lifecycle of individual assets. A CMDB focuses on managing assets and how they relate to one another in the IT infrastructure. By providing an organization with a full view of its IT environment, a CMDB can help reduce downtime, improve analysis, and help meet regulatory compliance standards.

Cybercriminals are persistent, intelligent, and adaptable and, even if they don t succeed with their first try, they will lay the groundwork for a future successful attack. Consequently, achieving functional cybersecurity is an uphill battle. Firms must constantly adapt to new threat landscapes and new tactics. This reality was brought to the fore with the mass work-from-home revolution. Most transactions and work interactions occurred online, and businesses had to scale their IT environments to provide optimal platforms. However, scaling environments often translates to making critical databases and applications harder to monitor. Losing visibility is a critical cybersecurity mistake. Hackers use unmonitored devices as the first entry way into the wider network. IT Asset management solutions solutions work to solve the visibility gap by providing full configuration information on remote devices and can be used to identify vulnerable ort unpatched systems.

There are now even more than ever connected print devices. The problem is that that network-connected printers continue to be inadequately addressed with regard to cyber security. The first stem in securing print devices is to treat them like any other intelligent, programmable device connected to the network and to ensure that each device is fully vetted and approved to be procured before doing so. It is also critical that the business knows what kind of data is being transmitted and processed on the devices. This means applying asset management procedures to print devices and ensuring they are recorded in the organization s configuration management database (CMDB). Knowing the configuration, make/model, ownership, location and purpose of the device is critical to managing the overall network environment. A fully features IT asset management solution is key to collecting and recording this information

Many businesses likely have a plethora of different apps in use through shadow IT - software not authorized by the corporation. Employees often acquire their own software to work around the supposed privacy shortcomings of the organizations IT systems. normally use. What many organizations do not realize is that shadow IT can expand cyber-attack surfaces. Consequently, it is critical for businesses to identify and monitor their software application use. A software asset management solution can play a key role in managing and controlling shadow IT.

SaaS management can provide clear information about assets, help optimize software license and spend, while also managing risk and compliance. An IT asset management solution with cloud management capabilities is a key tool in managing a firm s SaaS assets.

With a severity ranking of 9.8 out of 10, the vulnerabilities labeled CVE-2021-21985 and CVE-2021-21986 need immediate attention. The affected product versions include vCenter Server 6.5, 6.7, and 7.0. IT managers can use their IT asset management solutions to identify the location and configuration of affected systems.

Microsoft is calling urgent attention to CVE-2021-33739, CVE-2021-33742, CVE-2021-31199 and CVE-2021-31201. The company has warned that all six of these bugs have been targeted by attackers prior to the availability of patches. Microsoft s product security response teams recently issued fixes for at least 50 documented vulnerabilities impacting the Windows OS, the Microsoft Office productivity suite, Microsoft Edge, SharePoint Server, and the Windows Defender anti-malware feature. Ten percent of the 50 documented vulnerabilities (counting by CVEs) are rated critical, Microsoft highest severity rating. Windows administrators are strongly urged to review the patches from Microsoft and prioritize the deployment of the patched for the CVEs under active exploitation. IT managers can use their IT asset management solutions to identify any unpatched devices.

According to Adobe, the current batch of patches address a wide group of potentially dangerous vulnerabilities in Adobe Acrobat and Reader, Adobe Photoshop, and the ever-present Adobe Creative Cloud Desktop Application. The most serious of the vulnerabilities could enable attackers to take complete control of a Windows or macOS machine. Adobe warned that malicious exploits can be triggered remotely to hijack unpatched machines. Windows and MacOS users and network administrators are encouraged to prioritize the patch that addresses at least five memory corruption vulnerabilities that expose users to remote code execution attacks. IT managers can use their IT asset management solutions to identify any unpatched devices.

The Department of Homeland Security's digital defense arm said that by simply following a decade-old security recommendation the SolarWinds hack could have been prevented. CISA said that if the victims configured their firewalls so that all outbound connections from the servers running SolarWinds were blocked it "would have neutralized the malware." The agency noted that several targets who did configure their firewalls in such a way "successfully blocked connection attempts" and had no "follow-on exploitation." SolarWinds commented that there is no need for servers running its software to send outbound traffic. Guidance from the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) has advised for more than a decade that servers with no need to connect to the internet should be blocked from having web access. IT managers can examine the software configurations of their servers using their IT asset management tools to determine which systems should be blocked from connecting with the Internet.

"Windows 11 is the operating system for hybrid work. We have worked hard to deliver new, familiar, flexible experiences that work the way you work." Windows 11's includes new tools called Snap Layouts, Snap Groups and Desktops. These features enable users to group specific applications and windows together, and organize and customize workspaces according to specific tasks and intents.

Google recently announced a security update for Google Drive. The updates is intended to make sharing links more secure for files stored with the service. Google is adding a resource key to sharing links, designed to control access to the files for users who have not yet viewed the files. Google noted that Once the update has been applied to a file, users who haven't viewed the file before will have to use a URL containing the resource key to gain access, and those who have viewed the file before or have direct access will not need the resource key to access the file. Google Workspace administrators will have until July 23 to decide whether or how to apply the security update within their organization. Beginning on July 26, Google will notify users who are not part of a Google Workspace domain to inform them of impacted files. They will have until September 13 to determine how the update is to be applied.

James Turgal, former executive assistant director for the FBI Information and Technology Branch (CIO) and current VP of Cyber Risk, Strategy and Transformation at Optiv noted that that the majority of companies who give in to their cyber-tormentor are victims of their own making. He observed that many established organizations have networks and infrastructure that have evolved through the years without regard to security. In addition, IT departments have often added new technology without properly configuring it and decommissioning the old equipment or software. To compound matters firms that do not regularly patch their systems create avoidable vulnerabilities. During their move to a cloud environment many companies focus intently on the cloud migration but neglect the servers and infrastructure that is going unused, is not being patched, but remains connected to the network. IT managers can us their IT asset management toolset to identify vulnerable, unpatched or unused equipment and software still conne4cted the network.

Multi-cloud operations create a number of challenges in the form of cloud security, skills and cost optimization. Firms need to be aware of these factors orior to investing heavily in multiple cloud services. In the real world , too many businesses remain challenged by shadow IT, employees who require more extensive training in handling data, identifying phishing links and using strong, varied passwords. Multi-cloud also creates a technical skills challenge. Companies pursuing a multi=cloud operation need to find employees who are well versed in multiple, diverse cloud platforms. As compatibility and interoperability between many platforms are virtually non-existent. However, a fully functional IT asset management solution with cloud-management capabilities can help mitigate some of the challenges associated with a multi-cloud operation..

In the cloud-based application era, managing endpoint device configurations is often neglected, resulting in a high number of unmanaged devices. Endpoint management is hard, boring, and time-consuming, but it s still extremely important to maintain a robust security strategy. Cyber-criminals know that one of the easiest ways to attack corporate networks is through a machine that hasn t downloaded a patch to shore up a certain vulnerability. Given this fact, ensuring that endpoints are routinely updated with the latest software patches and releases is critical. A fully featured IT asset management solution can help management identify devices that are poorly configured, unpatched or running obsolete software.

According to a Government Accountability Office (GAO) report the federal government runs several legacy technology systems dating back to the 1970 s with no modernization plans to update, Federal Agencies have developed plans for some of the critical legacy IT systems, excluding the oldest ones. GAO warned that reliance on old coding languages could result in an increase in in procurement and operating costs.. The legacy systems also increase security vulnerabilities and frequently run on hardware and software no longer supported. Secure IT asset management solutions are available to assist agencies in identifying outdated or vulnerable systems.

VMware is urging customers to patch a critical vulnerability affecting vCenter Server as soon as possible warning that the ramifications of this vulnerability are serious. VMware, noted that the vulnerability impacts the vSphere Client, specifically the Virtual SAN Health Check plugin. An attacker with access to port 443 can exploit the flaw to execute commands with elevated privileges on the operating system that hosts vCenter Server. VMware has published an advisory, a blog post, and an FAQ document for these vulnerabilities, and urged customers to take action immediately, IT managers can use their IT asset management solutions to identify vulnerable devices.

Companies with robust hybrid work tooling may be looking at an efficiency upside. However, a mismatch between employee expectations and the technology tools they are provided can derail the opportunity. According to a recent Forrester report, most businesses with remote or hybrid workforces deployed technology as a response to the pandemic. The report notes that "The organizations faced a sudden and unprecedented number of remote workers to support, and decision-makers needed to adapt extremely quickly, However, many of these technology decisions may not have been the best long-term choices, and they may cause problems down the road." Using a robust IT asset management tool, IT executives can determine what technology was deployed, what is in use and tailor device configurations to meet the specific needs of remote or hybrid workers.

As companies undergo digital transformation the objectives of the CIO and CFO may occasionally seem at odds. In too many cases, cloud application use is often growing ad hoc way, resulting in redundant licenses, partially used subscriptions and duplicated tools. C-suite executives have a common interest in understanding the cloud spend and developing a comprehensive approach to managing it. Enterprise cloud management enables IT and business leaders work as partners. It goes beyond the management of licenses and contracts to accurately tracking the company s increasing application investments. Go to the link below to download the playbook to ways an automated enterprise SaaS management platform helps CIOs and CFOs.

The increasing complexities of cloud environments are becoming a problem for many companies, especially those working in in a remote world. Various present solutions focused on simplicity and ease of use. However, businesses need to look internally at cloud strategy to determine what' approach is best for them. According to Flexera's 2021 State of the Cloud report, over ninety percent of enterprises have a multi-cloud strategy and 80% have a hybrid strategy. Managing those environments can be bumpy and less than half of firms use a multi-cloud management tool. A robust IT asset management solution, which may already in place, can provide IT professionals the information they need to effe3ctively manage their cloud operations.

Threat Analytics portal, users can review the latest security attacks and risks that Microsoft is highlighting and drill down to determine if there are any additional mitigations or configurations required to do to protect the network. The information contained in this portal is so valuable that it justifies purchasing Microsoft 365 E5 licenses for the riskiest users IT departments can mix and match licensing, though theymay need to limit users to certain features to be compliant.

CIOs need to actively manage technical debt, which is aging technology that is often a byproduct of mergers and acquisitions. CIOs must communicate the urgency of tech modernization to company leadership, maintain previous technology advancements and keep the customer at the center of the process. Technical debt challenges companies as they adjust to change. Aging and fragile technology presented a clear obstacle when companies worked to pivot to remote work and embrace a hybrid work model. However, modernizing to meet customer needs can be expensive. According to Gartner projections, IT spending is set to exceed $4 trillion in 2021 globally, CIO s can utilize the information provided by their IT asset management solutions to identify the most critical configurations that need to be updated, or replaced.

Attackers can access computer systems via remote access. For example, when attackers took control of software at a US water treatment facility, they accessed an unpatched Windows 7 machines and used the TeamViewer desktop sharing software. In this time of remote working and working from home (WFH), remote access is necesary, but those remote and WFH systems need to be monitored protect remote access. The FBI recommends that firms adopt several steps to better protect remote access. Using a comprehensive IT asset management solution can facilitate implementation of many of the BFBI recommendations.

Remote workers have developed dangerous habits that can compromise corporate data security. Many have disconnected from corporate VPN's, downloaded unsanctioned apps and failed to update apps or install security patches. A Cloud phere study indicated that enterprises are increasingly vulnerable to data breaches as a result of poor enforcement of identity and access management (IAM) policy. IT managers can better manage remote workers with an IT asset management solution designed to detect and inventory remote devices.

BeyondTrust, recently released its "2021 Microsoft Vulnerabilities Report." The annual report includes a comprehensive analysis of Microsoft vulnerabilities by category and product, providing an over-arching understanding of the cyber-threat landscape. The data in the report is based on security bulletins publicly issued by Microsoft for the prior year. IT managers can reduce vulnerabilities by ensuring that all systems are patched with the latest fixes and that user privileges are appropriate for the level and role of the employee. Parch status can easily be determined using an IT asset solution.

employees working remotely may be using platforms or software that are not sanctioned, by the IT department. IT managers must explore solutions that will allow employees to work securely from anywhere, including providing government approved devices to each employee. This initiative could take some time, so in the interim, manual protections like implementing IT assert management tools and regularly patching all software will help mitigate immediate severe risks.

Another change accelerated by the pandemic was the office printer. Work-from home (WFH) employees could not access the printers and many processes went paperless in order to reduce contact risk. These changes will constitute the new normal. IT managers can use their IT asset management and the discovery/inventory features to get a real-time picture of their It infrastructure, and develop plans for the future of technology in the firm.

Cyber-criminals are accelerating their efforts to steal any sensitive financial data or intellectual property they can find on vulnerable Microsoft Exchange servers. Microsoft, along with government agencies, warned Exchange Server users to scan their systems for malicious web-shells and to download security updates as soon as possible. According to Palo Alto Networks there are over 125,000 unpatched Microsoft Exchange servers worldwide, with over 30,000 confirmed unpatched servers, in the U.S. alone. IT managers can use their IT asset management solution to identify vulnerable unpatched servers and take appropriate action.

In late February, Microsoft Exchange Servers were targeted in a widespread attack that relied on leveraging a zero-day server-side request forgery (SSRF) vulnerability. The attackers appear to have broadened their attack sequence once the zero-day became public. The US Cybersecurity and Infrastructure Security Agency (CISA) released an emergency directive with guidance and information about the attack on March 2. IT managers who operate an on-premises Exchange Server, and have not patched it, should do so as soon as possible. If systems were patched some action may still be needed to determine if you were impacted. The attacks targeted more Exchange 2013 and 2016. Exchange 2019 is also at risk; however, Exchange 2010 does not have the same vulnerabilities as the other versions but should be patched as a defense-in-depth measure. Older versions of Exchange, while being out of support, are not vulnerable to this issue. For unpatched systems either turn off Exchange Server or block port 443 from that server until it can be patched For those who cannot patch their systems, Microsoft has provided a mitigation process. IUT managers can use their IT asset management tools to identify unpatched servers.

Microsoft recently issued security updates with patches for 89 documented vulnerabilities, including one used in zero-day attacks against the white-hat hacker community. Microsoft documented vulnerabilities across a range of its software and cloud-delivered products. The patches cover serious flaws in multiple Windows OS components, Office and Office Services and Web Apps, SharePoint Server, Visual Studio, Azure and Azure Sphere. Microsoft categorized 14 of the 89 documented vulnerabilities as critical, while 75 carry an "important" severity rating. The company said that two of these bugs are listed as publicly known while five are listed as under active attack. IT managers can identify vulnerable and unpatched systems using their IT asset management tools.

The primary reason major cyber-security incidents and data breaches occur so often is that too many companies have not been focusing on the root causes of breaches. One major cause is ignoring software vulnerabilities. Software vulnerabilities were responsible for the major Facebook and Equifax breach. In the Facebook breaches in 2018 and 2017, respectively. A set of three vulnerabilities combined to enable attackers to compromise tens of millions of access tokens for Facebook accounts. An unpatched Apache Struts server was exploited to allow attackers with free access to he vulnerable server In the Equifax breach. IT managers can leverage their IT asset management tools to identify vulnerable software and apply the needed patches.

Adobe flash was a cybersecurity nightmare and recently CISA's list of the ten most exploited vulnerabilities .of the previous three years. If there is an old version of Flash operating anywhere in a computing environment, it could represent over one thousand known vulnerabilities, not including any zero-days attackers might have up their sleeves. Data center managers should identify all the firmware and software that might be using Flash to develop an upgrade plan. Using an It asset management tool can greatly facilitate the identification of affected devices and their location within the network.

The systems that comprise the center resources are useless without user endpoints that can access and business information. Consequently, IT managers must work to secure these endpoints s just like any data center infrastructure. Endpoints pose a security vulnerability for the enterprise due to their customizations. Unless organizations maintain and enforce standard configurations for endpoint devices, end-users can add their own customizations to each device, or work from their own devices in a BYOD environment. Each of these devices can have software and configurations that may not support a company s security needs. Non-standard endpoints can create potential threats such as unpatched software versions, obsolete or non-existent antimalware tools and pre-existing malware. And these issues don't even factor in the risks of zero-day threats. A fully functional IT asset management that can scan and inventory each device can be used to verify that each endpoint is properly patched and updated with anti-malware before connecting to the network.

in many cases companies were more than 20% over budget for cloud spending. To combat the uncertainty of the cloud bill, IT leaders are turning to cloud governance tools to better control cloud usage and spending. It's very easy to overrun a cloud budget without a proper governance structure in place. Factors that can result in cloud budget overruns include the absence of cloud cost management tools and tools that monitor and report cloud usage. On effective means of controlling cloud usage and expense is a IT asset management tool that can track and report instances are running idle, and which are running up costs,

VMware recently informed customers that patches for a vulnerability affecting its vSphere Replication product are now available. VMware noted that several versions of the product are impacted by a high-severity command injection vulnerability that can be exploited by a hacker with administrative privileges. The intruder could execute shell commands on the underlying system. The vulnerability is tracked as CVE-2021-21976. Patches have been released for each of the affected versions of vSphere Replication. IT managers can use their IT asst management tools to identify devices that need to be patched.

Microsoft rates 11 of the 56 vulnerabilities as "critical." A total of 43 patched flaws are classified as "important" while two are rated "moderated." IT managers can use their IT asset management solutions to identify vulnerable and unpatched systems.

As cloud application use increases within the enterprise, often on a caser-by-case manner too often firms end up with redundant licenses, partially used or over-used subscriptions and duplicate tools. From the C-suite to It managers, leaders havea vested interest in managing the cloud spend spend and taking a comprehensive approach to managing it. Enterprise cloud management, including the use of sophisticated IT asset management tools, helps IT and business leaders manage licenses and contracts to accurately monitor their company s growing application investments. Click on the link below to download this whitepaper to learn five ways an automated enterprise SaaS management platform helps CIOs and CFOs better manager their cloud initiatives.

Considering the vulnerability of legacy tech, especially from a cybersecurity standpoint, the healthcare sector may become incentivized to modernize more swiftly. Modernization may be hastened as the government requires the industry to provide more interoperability among healthcare providers said Yacko. Data sharing is a part of that equation. Kelvin Coleman, executive director at the National Cyber Security Alliance, noted that "Healthcare and public health facilities should also be vigilant about upgrading and updating their legacy hardware and software; ensuring that all connected devices and applications have multi-factor authentication enabled; and that employees know how to identify and avoid malicious email links and attachments from possible phishing scams targeting their workforce. Using a fully functional IT asset management solution, healthcare IT managers can more easily identify older, obsolete or unsupported equipment an d starta plan to modernize those systems first.

Cisco recently released patches for a series of vulnerabilities affecting multiple products. The patches included fixes for three critical bugs impacting the ACI Multi-Site Orchestrator, Application Services Engine, and NX-OS software. The most critical issue is a flaw in an API endpoint of ACI Multi-Site Orchestrator (MSO), which could enable an attacker to bypass authentication. The Nexus 3000 series switches and Nexus 9000 series switches running NX-OS software release 9.3(5) or release 9.3(6). in standalone NX-OS mode are affected. Cisco is not aware of these vulnerabilities being exploited in the wild but advises customers to install the released patches as soon as possible. IT managers can use their IT asset management tools to ,identify unpatched systems.

A fully functional IT asset management tool can be a key tool on managing printers and printer configurations.

many IT projects were executed in haste and contributed to an expansion in software failures. IT managers can use their IT asset management tools to identify problem or unpatched software, or misconfigured cloud platforms, and use the information to take corrective actions.

Employees working from home (WFH) provide cyber criminals with numerous intrusion channels it to gain access to sensitive corporate information. They a e also aided, unintentionally, by employees using software and devices that are not authorized by, nor secured, by the IT department. To mitigate these risks, organizations need to deploy stronger remote-worker security policies and implement online privacy reviews for new software. To effectively secure their IT operation , organizations need to know what devices and software interact with their business-critical data. Mobile device management (MDM) software can monitor assets with access to the network and can locate and secure lost or stolen devices. In addition, and It asset management solution that can discover and inventory remote devices can generate reports on vulnerable or unauthorized hardware and software configurations.

For many companies shifting to the cloud was not an option as the pandemic spread. It was needed to keep employees on the job as their offices were relocated to their homes. Many firms used the "lift and shift" migration model, where applications and associated data are migrated to a public cloud at one. Time. Lift and shift is usually quick and inexpensive, however, if it is done without sufficient planning, something that the application or data relies on will be omitted. Using an IT asset management (ITAM) and a software asset management tool (SAM) to scan, identify and inventory applications can identify mismatches. Instead of having an employee manually examine documents and code to identify application migration requirements, enterprises can use an automated tool to determine "dependencies and structural issues. An inventory of what is brought over in a migration does not need to be labor intensive with the right ITAM and SAM tools, and without them firms will keep dragging junk software around into the cloud and will continue paying for it for years to come.

that beginning with the February 9, 2021 Security Update release we will be enabling Domain Controller enforcement mode by default. This will block vulnerable connections from non-compliant devices. IT departments should apply the available patch to all domain controllers and identify and resolve non-compliant devices to ensure they won t make vulnerable connections. Firms can use a fully functional IT asset management solution to identify un-patched and non-compliant configurations prior to the February date.

Microsoft recently released several security patches with fixes for 83 documented security vulnerabilities. The patches include a fix for a critical" bug in the Defender security product that is being actively exploited. The Microsoft Defender update includes an "exploitation detected" warning and was distributed via the Microsoft Malware Protection Engine, a utility used to clean-up remnants of known malware attacks. The company noted that best practices recommend that customers regularly verify whether software distribution, such as the automatic deployment of Microsoft Malware Protection Engine updates and malware definitions are working in their environment. IT management can utilize their IT asset management software to identify unpatched systems.

end-user choices, the trend toward working-from-home (WFH) and a move to cloud-first business tools have created more opportunity for Apple devices in the enterprise. As Apple devices expand their presence in the enterprise, CIOs must ensure the orderly management of these devices, at the same time that WFH makes IT support more complex. Apple's growth in the workplace is creating some disruption in the enterprise end-user computing support and management teams. A fully functioning IT asset management tool can help IT professionals to manage a diverse array of end-user devices.

Active Directory (AD)contains user accounts, computer accounts, corporate hierarchies, policies, and groups. It serv es as the reference library for information about a single network or group of networks and is also the primary tool for their management. AD doesn t account for non-Windows computers, servers, and users or information about cloud services unless it is integrated with the cloud provider. There are several good reasons for IT asset managers to utilize information from Active Directory. The most significant s that it allows them to reconcile and verify data gathered by their ITAM tools. For example, if the ITAM tool discovers 3500 active devices but AD reports 4000 with active logins it indicates an agent deployment or other discovery problem. In addition, if group membership is accurate the data can be used to track and secure access to non-production environments. AD can supplement an ITAM operation, but is not a replacement for a fully functional ITAM solution.

A recent report by Kaspersky emphasizes the importance of keeping a firms IT assets updated. The study found that the economic damage resulting from a data breach is often significantly greater in organizations using obsolete or unpatched systems. The report noted that businesses that don t make timely updates lose nearly fifty percent more money from a data breach than firms that make regular updates. Nearly half of all organizations using some form of out-of-date technology, despite the risks of using obsolete and unpatched software. Companies rationalize the practice by citing compatibility issues, employee reluctance to use newer tools, and resistance to change by members of the c-suite. Firms can easily identify unpatched or obsolete systems, and reduce their overall risk, through use of their IT asset management solutions.

Use on an IT asset management solution that can inventory remote systems can provide IT management with a view of how home office systems are configured and managed.

Windows 10 users don t need to be a victim of ransomware. Microsoft has built ransomware protection into Windows 10, and it s easy to use. IT managers still need to employ the basic precautions against malware, such as running anti-malware software and never downloading attachments or clicking links sent from unknown senders. Microsoft s anti-ransomware feature is built directly into Windows 10; and has been included in all versions of Windows 10 released since October 2017. (CIOs c an use their IT asset management tools to identify systems with older versions of the OS). The feature is called Controlled Folder Access. It protects systems by letting only safe and fully vetted applications access your files. Unknown applications or known malware threats aren t allowed through. However, the feature is not turned on by default and must be activates. Users can customize exactly how it works by adding applications to its whitelist of programs and adding new folders to the ones that it protects by default. This article details exactly how the feature acan be activated and customized.

An IT asset management solution that can discover and inventory and remote assets can be an effective tool to assist in managing and securing WFH systems.

Operating an IT environment employing multiple cloud providers and services poses distinct challenges. Using the fright ITAM tools, cloud-based assets can be managed in a manner similar to premises-based assets. The right ITAM tool can discover cloud assets in the same way that it discovers networked assets. In doing so management can identify duplicate contracts, services providing excess server or storage capacity and contracts initiated by individuals (a.k.a ghost IT ) that are being charged to the IT budget. This information can be used to eliminate or reduce costs, while not impairing operations. Similarly, the system can discover more information about the cloud assets from service APIs such as GCP, AWS, Azure, thus providing It management with a clear picture of what services are being provided, utilization and capacity. In addition, the right ITAM system can integrate with other tools and webservices that contain detailed information about the company s cloud assets.

Working from home (WFH) brings a number of challenges to data protection. Increased risks include a growth in external attacks and employees relaxing security practices when working from home. It stands to reason that corporate information will always be more vulnerable than when it is safely secured on a corporate network. To compound matters many employees will use personal devices when working from home. In addition, businesses have come to rely on unsecured video conferencing tools, or document sharing services. In any case it is critical that businesses take action to secure company information before WFH scenarios put data at additional risk. One survey found that of companies with an WFH information security strategy, not quite half per cent said they permitted only corporate IT provisioned/approved devices and have strict security measures in place to enforce this with endpoint control. In additionally, less than ten percent disallowed the use removable media, but fad no technology in place to prevent this. If businesses want to secure data accessed remotely it is critical that encryption and endpoint control is applied to all devices. An IT asset management solution that can identify and inventory remote devices is a. Critical tool in accomplishing this goal.

The NIST framework identifies five main functions cybersecurity activities i: identify, protect, detect, respond and recover. The first two, identify and protect, include proactive cybersecurity measures. Through the identify function companies can develop an "organizational understanding to managing cybersecurity risk to systems, people, assets, data, and capabilities." Activities in this function include creating an accurate IT asset inventory, identifying the criticality of specific assets, and assessing, quantifying and prioritizing risk. A robust IT asset management solution can be an invaluable asset in properly implementing the identify phase of the NIST Cybersecurity Framework.

According to guidance from the EU Data Protection Board, firms must use software with built-in, default privacy settings in order to comply with the GDPR law. Data anonymization and minimization must be standard components of personal data processing, software. The Board said in recently released guidance that this requirement also applies to systems that pre-date the 2018 General Data Protection Regulation. London-based Bird & Bird Attorney Matthew Buckwell noted that The guidelines make it clear that legacy systems are clearly in scope in the same way as new systems, and if the legacy system does not meet GDPR obligations then it cannot be used to process personal data. He also noted that legacy systems are a key risk companies face in potentially violating the terms of the GDPR and the changes may add considerable cost for companies that rely on older, integrated systems that are not easily updated or removed. Firms can use their IT asset management solutions to identify legacy systems that may result in non-compliance and use the information to take remedial actions.

Some short-term risk factors impacted organizations immediately. Organizations that deployed misconfigured or unpatched emergency remote access solutions enabled attackers to compromise the firm s IT environments. In other cases management bought laptops off-the -shelf and sent them out to employees with the standard enterprise laptop image. However, these platforms were designed to operate within the safety of an enterprise not in unsecured personal home networks. Many of these devices became targets of cybercriminals which infected the enterprise environment with malicious payloads. In the aftermath, firms cam use their IT asset management tools to inventory and manage remote devices and identify vulnerabilities or non-standard configuration.

According to a report entitled The State of Modern Applications in the Enterprise released by cloud solutions provider Ahead, most CIOs realize that modernization is critical to deliver software faster, to have improved control over operations, integrate advanced more security, and to quickly meeting the needs of the business. However, according to IDG and tech company Insight, only about a quarter of organizations are at the beginning stages of IT modernization, and less than a fifth have made only moderate progress. In order to create a successful modernization strategy CIOs need an accurate inventory of all the technologies running in the business. Unfortunately, consultants and analysts note that many CIOs don t have a full inventory of all their IT systems and the functions that those systems perform. Thomas Klinect, a senior director and analyst with Gartner, noted that Without that, you re just going to spend a lot of money and have very little to show for it at the end of the day CIOs must understand the whole cradle-to-grave flow of data. An effective IT asset management solution is a critical component of any modernization effort, and is the best first step to geta plan underway.

reviewing their network for user accounts and software no longer in use, reviewing the applications installed on mobile devices and reviewing what devices that should remain supported in the network. A software asset management solution can play a key role in conducting these reviews and will contribute to better network and infrastructure controls.

In response to COVID-19, organizations have started planning for more permanent and strategic remote work practices. The Cybersecurity and Infrastructure Security Agency (CISA) has published several recommendations to support organizations to strengthen their cybersecurity practices as they transition to long-term telework solutions. CISA notes that it is important for firms to determine the cybersecurity risks associated with moving organizational assets beyond the workplace where processes such as printing, and the use of personal devices or equipment are not accessible by the organization s monitoring and response capabilities. The agency recommends that firms develop, implement, and inforce enterprise-wide policies that include requirements for staffers to securely configure and update corporate devices, personal devices, mobile devices, and home networks. An IT asset management system capable of monitoring remote devices will aid in the implementation of such policies.

A recent Forrester report indicates that CIOs should prepare for a protracted U.S. downturn, along with significant IT spending cuts in 2020 and going into 2021. Andrew Bartels, Forrester VP, principal analyst and author of Forrester's U.S. Tech Market Outlook for 2020 and 2021 noted that "What's starting to happen now is shifting from a pandemic recession to a traditional recession. More sectors of the economy are now going to start to feel pain." Of the three tech=spending scenarios developed by Forrester, it feels the most likely (70% probability) to be one where a 6.3% decline in 2020 U.S. tech budgets from 2019 levels occurs. The report indicates that CIOs should be looking at what cuts they may need to make in areas like hardware and new project spending. They should also prepare for what cuts they would make to software, outsourcing, telecommunications or even changes in staff. A comprehensive IT asset management solution can be helpful in identifying under-utilized, surplus and obsolete equipment and software that can be eliminated with minimal impact on the organization.

Vendors are sometimes more willing to move on those sorts of things, and the services can often provide more value than would the discount on the software. said McKay.

With so many employees working from home, businesses are at ra much higher risk of a cyberattack than they were with people working in a business office environment. A new report from cybersecurity firm Keeper Security, claims the over 40 percent of firms have suffered a data breach in the last 12 months. Most breaches are a result of compromised or stolen employee devices. With employees working from home using their own devices, IT security departments are facing additional challenges, including unsecured home networks, infected personal devices, shadow IT and more. Use of a It asset management tool that can scan remote devices will help immensely in managing employee owned devices that a e conne3cted to the corporate network or databases.

E2EE design disables some Zoom functions users can "toggle" the feature on and off depending on their meeting needs. E2EE is an optional feature, Zoom users have the default encryption standard enabled. System administrators can implement E2EE on account or group levels.

Chris Ganly, senior director analyst at Gartner, recently noted that strategic budget management is necessary to transform from cost-cutting measures to value creation According to Gartner one key method in managing reduced IT budgets is to simultaneously address the variable and fixed budgets. By doing so companies can capture an overall view of where cuts can be made. Variable costs can be eliminated and reduced as they change. Fixed costs should be reduced through elimination. The article recommends that firms concentrate on identifying the larger cost elements and the easier cost elements when reducing IT budgets. Understanding the consequences of costs and how to manage possible downfall are keys to overall success. Planning and measuring success will help determine the best approach to budget cuts. An effective IT asset management solution can provide invaluable information when identifying obsolete hardware and software, over-licensed software and unnecessary maintenance costs.

According to recent survey by CoreView, on average half of Microsoft 365 users are not managed by the platform s default security policies. The survey indicated that over 75% of Microsoft 365 administrators do not have multi-factor authentication (MFA) activated, despite the findings that 99% of data breaches can be prevented using MFA. The data shows that, on average, US enterprises ely) utilize oer 1,000 different productivity and operations applications. While productivity and operations apps helps improve productivity, unsanctioned shadow IT apps have varying levels of security represent a significant security risk. Using an IT asset management system, IT managers can identify unauthorized software and cloud apps and remove them prior toa. Security incident.

Firms running older versions of Windows 10 version should consider deploying feature releases faster. Enterprises that chose the Long-Term Servicing Branch (LTSB) version won t obtain security enhancements included in new feature releases bring. Consequently, LTSB is probably not the greatest choice for a end users workstations. Workstations, running LTSB have upgrade path from LTSB to the normal releases of Windows 10 and must be rebuilt to gain asses to those upgrades rebuild the machines. The fall release od Windows 10 is designed to be no more disruptive than the monthly cumulative updates. It can be quickly deployed inn firms that have implemented the prior spring release. Otherwise the installation of 20H2 will mimic a normal feature release in its deployment timing. Firms with older versions of Windows 10 should review the decisions made that kept you on older platforms that lack the needed security. IT managers can use their IT asset management solutions to easily identify workstations needing an upgrade

Businesses can find themselves facing the true cost of software ownership when a majority of their workers are remote. Prior to the pandemic crisis which created the work-from-home (WFH) model, companies may have had part-time workers sharing software licenses. However, when firms are needi to enable a large remote workforce and send a computer home with each end user, they will need to install the true number of licenses for those instances. In addition, normally the end-of-support cycle for a software platform incents companies to upgrade before vulnerabilities or outages impact key business processes. To that end, Microsoft plans to end technical support and security updates for Microsoft Office 2010 by October 13. A comprehensive IT asset management solution is invaluable in managing a remote workforce to maintain software license compliance and manage software upgrades.

Bring your own device (BYOD) policies aren t new, but they aren t consistently found in the small and midsize law firms where the majority of U.S. lawyers work. However, due to the work-from-home (WFH) environment created by the COVID-19 pandemic, many smaller firms are implementing more robust BYOD policies. Lack of a BYOD policy could expose client data to increased cybersecurity threats. BYOD vulnerabilities were exacerbated when firms sent lawyers home in March, without corporate software, hardware or mobile phones. The WFH initiative came on so fast that many companies were struggling to get devices and software to employees. After six months of WFH more companies are enforcing BYOD practices with telework agreements and clear rules on what BYOD is appropriate, and what protections are required.

A recent survey of ITAM Review readers indicated that software publisher audits are up during the global pandemic. Of the companies conducting the audits Micro Focus was reported to be least helpful and Microsoft was the most helpful. The preliminary results are from the ITAM Review s community survey. Of the respondents about Around 20% saw significant increase in audit requests 27% reported a slight increase and 40% saw no marked difference in audit levels. The full results will be published in an upcoming ITAM Review.

Corporate decision-makers at all levels are coming to realize that different work-from-home (WFH) users have very different needs. What may be totally adequate levels of security and performance for general users are inadaquate for power users, and for super users, could constitute a serious breach vulnerability. Super users need consistent, reliable, high-performance connectivity and the same level of security security ina WFH environment as they had in the office. The level of the information they process is the same whether they work from home or in the office, so neither should the level of security. Super users working from home require a secure environment within their own home network and wired and wireless connectivity that is completely firewalled from the home network and which connects securely to the office. These users also require higher connectivity, forward error and an LTE modem to load balance the exiting broadband. Lacking this type of network within a network, users home networks are subject to possible easy breach through a laundry list of different IoT devices. Having mission-critical corporate resources sitting unprotected on a generic home network is not advisable.

Zoom video conferencing service is enabling Two-Factor Authentication (2FA). This change will require users to provide two separate pieces of identification information to log in to Zoom. Along with a password or pin number, users will need to have one of a number of extra credentials, which could consist of including a smart card or mobile device, or biometric information including a fingerprint or voice recognition. 2FA adds an extra layer of protection so businesses can erduce security breaches and identity theft. Zoom says by using 2FA s users will no longer have to continually juggle multiple logins and password information..

A new study suggests by Security assessment vendor Coalfire indicates that large cloud services providers are about half as likely to experience a data breach as compared to large enterprise IT infrastructures. Data from 800 penetration tests that emulated cyberattacks on customer networks showed that major cloud services providers are more resistant to data breaches than large enterprise organizations. Just under 20% of the vulnerabilities that Coalfire encountered on infrastructures of large cloud providers fell into the high-risk category. That number compared to 35% similar vulnerabilities in large enterprise networks. Similarly, only 25% of vulnerabilities discovered on medium-sized cloud providers' platforms were high-risk, compared with nearly 40% on networks operated by to medium-sized businesses

the Cybersecurity and Infrastructure Security Agency ordered that a critical vulnerability in Microsoft Windows had to have been patched by midnight on Sept. 21. Unpatched systems needed to be unplugged. CISA warned in an Sept. 18 emergency directive that The flaw affects core authentication capabilities, Without the patch unauthorized attackers could access and take over domain controllers' identity services. In an August notice Microsoft said that the problem could enable an attacker, once they get inside, to elevate their domain privileges within the network without authentications. The unauthorized access could be used to compromise other federal networks. Microsoft issued a software upgrade for the server vulnerability on Aug. 11 and plans to issue an additional update in the first quarter of 2021. IT managers can use their existing IT asset management solutions to identify any unpatched servers.

Digital signal processors (DSP) have been described as a "complete computer in a single chip." However, researchers at Check Point warn that DSPs are vulnerable to hackers. One researcher examined the Qualcomm Snapdragon chip, which is used in nearly half of all Android devices He found over 400 vulnerabilities. A skillful hacker could create a malicious app that exploits these vulnerabilities and bypass the built-in security measures and steal a wide variety of data. The identified vulnerabilities also could allow a malicious app to record calls, turn on a device's microphone, brick devices and to hide other malware on phones, all without people knowing about it. CIOs may want to use the IT asset management solution to inventory the phones in use by remote employees and warn affected users against using their mobile devices for business purposes.

The Federal Bureau of Investigation issued a private industry notification (PIN) to the US private sector regarding the dangers of the use Windows 7. Microsoft terminated support for the OS earlier this year. The FBI noted that it has observed cyber criminals targeting computer network infrastructure after an operating system achieves end of life status. It added that Continuing to use Windows 7 within an enterprise may provide cyber criminals access in to computer systems. As time passes, Windows 7 becomes more vulnerable to exploitation due to lack of security updates and new vulnerabilities discovered. The agency warned that " cyber criminals will continue to consider Windows 7 as a soft target. CIOs are urged to use their IT asset management software to identify devices running Windows 7 and upgrade the as soon as possible.

The 2019 CrowdStrike Global Threat Report noted that over half of cyber-attacks arise from malware-free intrusions whereby a hacker doesn't use a malicious file or file fragment to break into a system. The study suggested that traditional cyber-security practices are not sufficient to deter all attacks. It recommends that firms identify and replace vulnerable legacy systems, insure the use of VPN and limited data access by remote workers and a move to cloud computing and storage. CIOs can used their IT asset management tools to identify vulnerable older systems, insure remote worker configurations meet corporate standards and to determine those applications and data files that can be moved to the cloud.

Take away an employee's remote work gear laptop, phone, headset and their ability to perform is likely down to zero. Companies have centered their work processes around technology in years past, but that trend accelerated as the pandemic hit. We're using our devices as a medium for everything," she said. "We need the physical assets to connect with our people and need a channel to connect with users." CIOs can use their IT asset management tools to determine what assets they have and match them to the operational requirements of the new normal. That data can be used to drive what technology will needed to optimize operations in the future.

In the current business environment, many companies are restructuring and closing at least some parts of their business. As part of the process management needs to know what assets it has where the sevices are located, and what data is stored on those systems. If that information isn t available there is a risk of leaving intellectual property, confidential information, personal data or user accounts exposed without controls or monitoring in place. If the dependencies with other parts of the business aren t understood, operations for the remaining business could be interrupted. David Sun, digital forensics and cybersecurity partner at Advisory Services Group BlumShapiro noted that In an ideal world, the CISO already has a map and inventory, something laid out of what its assets are in a detailed manner. If you're shutting down a system or division, inventory and map and recognize where all your risks are. Corral all that intellectual property into one location where access is restricted so that's not scattered all throughout [the business]. A fully functional IT asset management solution provides management with this critical information.

Microsoft recently released a patch for a Remote code execution vulnerability that affects its implementation of the Domain Name System (DNS) server on Windows The company and urged organizations to deploy the fix as soon as possible. Remote code execution vulnerabilities can affect the core networking components of operating systems and are among the most dangerous flaws that can lead to the mass exploitation of computer systems. The vulnerability, labeled CVE-2020-1350, was discovered by researchers from Check Point Software Technologies. The flaw received the maximum CVSS severity score of 10, making it critical. In addition, according to Microsoft, it's wormable. Microsoft explained that "Wormable vulnerabilities have the potential to spread via malware between vulnerable computers without user interaction. Windows DNS Server is a core networking component. While this vulnerability is not currently known to be used in active attacks, it is essential that customers apply Windows updates to address this vulnerability as soon as possible." CIOs can use their It asset management toolset to identify vulnerable and unpatched devices.

Cyberattacks are like wildfires, and have the same the potential for devastating loss of life and property. Consequently, protection against them is considered a matter of national security. U.S. Government i technical guidance has been created to aid agencies and organizations for, detecting and recovering from a cyberattack. The guidance a few basic steps, including holding cybersecurity training programs, using strong spam filters, scanning emails, blocking known malicious IP addresses, implementing regular patch management, and installing anti-malware programs. Business continuity preparation also figures largely in the guidance, including regularly backing up and securing data and conduction periodic penetration testing and vulnerability assessments. Implementing an It asset management solution can help to identify vulnerable systems, check for patches and identify systems without anti-malware software.

In the new work-from-home (WFH) environment, organizations may need to review their Microsoft licensing to address changes in how their end users are accessing the organization s network. Along with licensing penalties for non-compliance, firms can also be vulnerable to security threats originating from an end user s device that may not have the proper software security updates needed to ensure the protection of the organization s environment. Firms that are unsure of what their Microsoft licensing allows, but don t want to alert Microsoft that they may be out of compliance, should Miro Consulting. Miro can conduct a comprehensive review of the assets, entitlements, contracts and purchasing documents to help the firm remain in compliance with Microsoft. CIOs are urged not contact their Microsoft reseller for help with licensing, as they re contractually obligated to report any licensing inconsistencies to Microsoft.

As COVID-19 forces many firms to embrace work-from-home (WFH), it s also creating a wave of layoffs. Those factors are creating a potential security risk for many organizations. As remote employees are terminated personal electronics used for work in a decentralized workforce could make it difficult for companies to revoke data access and retrieve their IT equipment. In the WFH environment, revoking a remote employee s access to corporate data requires assessing and obtaining all the corporate data in the employee s possession. If an employee-owned device is being used for work, it could place an even bigger burden on employers. It is important that companies review their policies, procedures and controls regarding remote or personal devices being used for corporate business. Using an IT asset management solution that can inventory remote devices can provide critical information in the device and data retrieval process.

A security flaw in a series of IoT connectivity chips manufactured by Thales could leave billions of IoT connected devices open to cyber-criminals. The flaw in the EHS8 module family was discovered by IBM's X-Force Red hacking team. EHS8 modules are designed for use in. industrial IoT machines used in factories, the energy sector, and medical roles. The modules are designed to create secure communication channels using 3G and 4G networks. An attacker targeting an EHS8 module can exploit it remotely and gain total control over the affected machine Thales has been working with IBM and has released a security patch for affected devices, which includes Thales' BGS5, EHS5/6/8, PDS5/6/8, ELS61, ELS81, and PLS62 modules as well. The threat posed by this flaw is a serious one and underscores the need for effective patch management. An IT asset management solution can be a key tool in identifying patched and unpatched devices.