Cybersecurity teams often find themselves responsible for the physical security of technology resources. The loss and theft of these resources exposes organizations to millions of dollars of losses each year, and when those devices are lost or stolen it is critical to understand what was on them to perform a security impact analysis. In this video, learn about hardware inventory processes and media management.
- [Instructor] Cyber security teams often find themselves responsible for the physical security of technology resources. The loss and theft of computing devices exposes organizations to millions of dollars of losses each year. And when those devices are lost or stolen, it's critical to understand what was on them to perform a security impact analysis. Any good physical security program must begin with an inventory process. Quite simply, you can't keep track of your hardware if you don't know what hardware you own.
The hardware inventory process should be integrated with the provisioning and decomissioning processes that occur throughout the lifecycle of a piece of hardware. Most organizations accomplish this through the use of an asset management system that either stands on its own or is part of a larger IT service management platform. Let's walk through the lifecycle of a typical piece of hardware and how the inventory might change over time. First, a user states a need for a new piece of hardware.
Let's say that I want a new laptop. I might contact my IT staff member and they would assist me with the order. As soon as the order is placed, the IT staff member should create an inventory record to track the status of that hardware. Next, the hardware arrives on site a couple of weeks later. The receiving clerk who accepts delivery should match it up to the hardware inventory record and note that it was received; maybe adding some information to the hardware record, such as the device's serial number. The clerk then sends the device on to the IT staff member and notes in the inventory that that person has possession of the device.
After configuring it to meet my needs, the IT staff member delivers the device to me and changes the inventory record to indicate that I have possession of the device. I might use the computer happily for several years and then decide that I want to order a new device, which starts the whole process we just described again. After I receive my new device, I give the old one to the IT staff member who then decides to reuse it for another employee, updating the hardware inventory to note that I am no longer responsible for the device.
Data is critical to a hardware inventory. As soon as someone misses an update, the data may become very inaccurate. For this reason, many asset management systems include automation technology that can correlate inventory records with devices present on a network pointing out any inconsistencies to inventory managers. Media management is a related and important task. While it's impossible to track every piece of data storage media in an organization, security teams should definitely track media that contains highly sensitive information.
To join one of Mike's free study groups for access to bonus tips and practice questions, visit certmike.com.
- The security triad: confidentiality, integrity, and availability
- Security principles
- Resource security
- Data security
- Security controls
- Assessing security controls
- Security policy
- Physical security