As the pandemic continues to linger and disrupt, enterprises are settling into a new operational model that has work-from-anywhere as its core driver. Employees and their technology will continue to work in either a fully remote, or at best a hybrid IT model. And this is in addition to other disruptive constants like migration to the Cloud, or expanding use of IoT. The scope of managing IT infrastructure is becoming both broader and deeper, while still remaining mission-critical. The breadth of requirements can lead to analysis paralysis, which can often be mitigated by a relatively short and focused list of what we have found to be best practices.
- Integrate management of IT assets into all functions and processes. Every function and process within any enterprise is technology dependent – no exceptions. Because of functional interdependencies between operational groups (e.g. Sales and Customer Success), it is mission critical that all assets for every function are tracked and managed comprehensively and contextually. This can prevent small problems from becoming big, and help avoid downstream disruptions.
- Draw a tight correlation between users and their assigned hardware. Employees and others who have access to your information infrastructure (e.g. partners) are always going to be the weak link in a security chain. The IT ecosystem is increasingly complex and dynamic, and it’s easy to make mistakes even if you’re paying attention. Being able to associate any end user with their assigned devices (and OS, apps, permissions, AV and patch status, etc.) lets you shut down potential data breaches quickly.
- Be diligent on tracking AV status by user and department. As just mentioned, AV status is incredibly important in an age where assets are in the wild and in constant motion. The entire world has shifted to a work from anywhere model, vastly expanding the potential attack surface. Tracking anti-virus usage and currency has got to be at the absolute top of your priority list.
- Use 2FA for all logins, including those delivered by SSO. Another widely available and effective technology, two factor authentication is only slightly inconvenient and well worth the effort, and when paired with single sign-on takes your security profile significantly higher. This works with both Cloud and on-premise apps, and can be used to block access based on non-conformant locations or networks.
- Monitor license usage to avoid true-ups or overspend. This best practice falls into the category of an easily avoidable annoyance. If you use software for which you are not licensed, it is extremely likely the folks from Microsoft or Oracle (or some other righteous behemoth) are going to come asking for a true-up on license usage, and the cost will be significant. The flip side is paying someone like Salesforce for expensive licenses that aren’t being used; know what you need, pay for what you use. Anything else is a waste of money.
- Monitor VM spin ups and spin downs. Virtual machines are meant to be easily spun up for a specific set of requirements, and then theoretically spun down. The problem is it’s easy to forget to take the machine back down and as a result your cloud hosting instance ends up chewing up a lot of space for items not in use. If you’re not in the room, turn off the lights. This will save you money, and tighten up your virtual presence.
- Prioritize assets, most to least critical. All assets are not equal, and you should not treat them as such. The type of business you’re in will determine what your priorities are from a systems perspective; figure out which class of assets are most mission critical and secure them first. Don’t do full range blanket coverage, you don’t have that luxury.
- Track asset use across its lifecycle All assets work their way through a complex life cycle, starting with purchasing, then securing, deployment, monitoring, and end of life or decommissioning. The instant an asset shows up on IT’s radar it’s imperative to lean in hard, any active system or device that is compromised is not just a single instance risk at a point in time, it spreads the risk to anything downstream as well.
- Automate for scalability We are well past the point that IT assets can be tracked manually. There are (surprisingly) a lot of companies that still track assets via spreadsheet, which fails the instant you try to scale, and can in fact be a limitation to growth. And keep in mind the definition of IT asset is expanding rapidly; any IoT device technically falls into this category, which means the number of assets tracked is expanding exponentially. If you’re going to stay in business you have to scale, and if you’re going to scale, it needs to be automated.
- Understand that this is a continuing, evolving process If you have a house full of kids do you clean it once then stop? Assets are constantly entering and exiting your IT ecosystem, your company continues to grow and evolve, and employees and their assets are much more unpredictable in a hybrid IT environment. The need for real-time insight across your organization affects security, compliance, employee engagement and your bottom line.
With everything that is going on (and the volume and pace of change is unlikely to diminish), this is the optimal time to move towards a comprehensive and fully integrated view of your IT estate regardless of location or asset type, which is precisely what Enterprise Technology Management delivers.