Presentation is loading. Please wait.

Presentation is loading. Please wait.

Asset & Security Management Chapter 9. IT Asset Management (ITAM) Is the process of tracking information about technology assets through the entire asset.

Similar presentations


Presentation on theme: "Asset & Security Management Chapter 9. IT Asset Management (ITAM) Is the process of tracking information about technology assets through the entire asset."— Presentation transcript:

1 Asset & Security Management Chapter 9

2 IT Asset Management (ITAM) Is the process of tracking information about technology assets through the entire asset life cycle, from initial ordering or purchase to retirement and disposal. Asset management provides IT department with the information to efficiently manage and leverage assets for increased productivity and reduced cost of ownership.

3 Assets include… Hardware Software Proprietary data Backups and archives Manuals, guides and books Printouts Audit records Distribution media for licensed software Warranties and maintenance records.

4 Organisational benefits… Helpdesk can view configurations, service history & track problems Facilities manager know where the assets are located Service manager has easy access to warranty and maintenance records Network manager sees network configuration in detail Accounting has value of assets & tracks technology investment

5 Organisational benefits… Purchasing manager views costs and orders across the organisation Financial manager can view the entire inventory and determine how to get the best return on technology investment System manager can see lease and maintenance status and can efficiently plan upgrades Software manager can view licensing information IT manager can discover ways of optimising IT resources across the organisation

6 Challenges… Constant change Non-standard environment Mobile devices

7 Collecting information… First step is to compile an inventory of all technology assets – Auto discovery tools gather data about technology assets via the network

8 Asset tracking information – User contact information – Hardware configuration – System software configuration – Serial number – Warranty information – Network wall jack and port numbers – Physical location – Asset identification tag umbers – Troubleshooting and service histories

9 Helpdesk benefit Availability of configuration Information Accuracy of information Prevention of widespread problems Remote diagnosis of problems Detection of unauthorised software Tracking of software usage Determination of Total cost of ownership Implementation of Change Requests Tracking of warranty and maintenance information

10 Question Is an asset management system a replacement for an existing helpdesk information system?

11 Computer Security

12 Is the process of planning, implementing and verifying the protection of an organisation's computer-related assets from internal and external threats.

13 Measures Passwords, locks, file protections and encryption to keep intruders out Log files and system alerts to warn of unauthorised entry Backups, uninterruptable power supplies and mirrored disk images to repair or replace items after damage Security policies to handle violations that do occur

14 Physical security Protection of building sites & equipment from theft, vandalism, natural disasters, manmade catastrophes and accidental damage.

15 Security Threats Natural disaster Utility outage Hackers Viruses Theft of assets Political terrorism Subversive employees or contractors System configuration changes Bugs in software

16 Security Process Stages 1.Identifying assets 2.Assessing risk 3.Preparing 4.Monitoring 5.Responding

17 1. Identifying Assets Before assets can be protected, they must be identified.

18 2. Assessing security needs & risks Determine the risk level of the organisations technology assets – Physical security – Computer/data centre – Data security – Data classification – Data access privileges – Social engineering

19 3. Preparing for Security Violations A well written, comprehensive security policy is the foundation for a secure computing environment. Must state – Purpose – Scope – Terms – Rights of users – Delegate responsibilities & action – Reference related documents

20 Example Information Security Policy http://www.it.ox.ac.uk/policies-and- guidelines/information-security-policy http://www.it.ox.ac.uk/policies-and- guidelines/information-security-policy

21 4. Monitoring An intrusion detection system (IDS) e.g., a sniffer, inspects all inbound & outbound network activity & identifies suspicious activity

22 5. Responding to Incidents Incidents will occur Incident handling demands the ability to quickly and efficiently react to disruptions There should be a written procedure to be followed in the event of a violation or attack A disaster recovery plan must be in place and practiced

23 Backups The activity of copying files to another medium so that they will be preserved in case the originals are no longer available.

24 Backup Methods Full backup – All files are backed up. Most complete and most time consuming. Incremental – Only files that have changed since the last backup are backed up. Least time consuming to backup but most time consuming to restore. Differential – Only files that have changed since the last full backup are backed up. Daily copy – Only files that were changed on that day are backed up Copy – Backing up of only selected files.


Download ppt "Asset & Security Management Chapter 9. IT Asset Management (ITAM) Is the process of tracking information about technology assets through the entire asset."

Similar presentations


Ads by Google