IT Asset Management Teams (of All Sizes) MUST Remain Vigilant

In our previous (August 2021) blogs, we revisited that Critical Infrastructure (CI) comprises both physical and cyber assets. Like cities and countries, this infrastructure exists within your organization – both on-site and in virtual environments. While cybercriminals may be seeking to harm a region or country by taking out critical infrastructure, they are also both able and willing to do the same to large and small companies and do it at increasing speeds. Therefore, managing your IT assets is essentially overseeing your internal infrastructure. And it’s an important job.  

Attacks Are Constant and Ongoing

As we write this blog, the news is breaking regarding T-Mobile. That hacker is now supposedly releasing information that their steal contains databases that include the data for over 100 million T-Mobile customers. This releases IMSI numbers, IMEI numbers, phone numbers, customer names, security PINs, Social security numbers, driver’s license numbers, and date of birth on the Dark Web. The T-Mobile servers appear to be where the attack originated. What we don’t know is how that attack originated. 

Companies of all sizes are taking steps to physically protect servers with cameras and policies for employee protection, recognizing that physical attacks still occur. They also ensure that their primary and backup data are not on the same site and acknowledge that the cloud is not always the solution. Along with that, they are working with data security specialists to ensure that all proper steps are implemented in their organization. And while this is all necessary, perhaps the most significant step is being aware and ready if an attack does happen. 

In today’s ITAM/ITAD lifecycle, there are new vulnerabilities to consider. Could a threat enter through a hacked remote workplace? Could a hacker walk right through their front door? Is that employee set up to recognize such an incident?

Scams of all shapes and sizes are happening because of information available on social media. If employees are sharing information about their remote work situation, who’s to think they aren’t leading hackers right into your infrastructure.  

Know What to Do and When

To be prepared and avoid worsening consequences, all steps must be taken to educate your employees properly. 

• Make sure employees know who the incident response team is

Valuable time is lost when employees don’t know what to do or when. Ensure that you have a no-harm, no-foul policy in place and that employees know it’s better to report a concern than to let it go unchecked. When employees believe they are “bothering someone,” there is a breakdown in your incident response plan. 

• Attack Identification form

When employees work remotely or in hybrid environments, it’s vital to arm them with the correct tools. Create a user-friendly form that allows employees to answer a series of questions that would give you IP addresses and details of occurrences. These details are necessary in the event of a breach.

• Reward diligence and response

Like knowledge of the incidence response team, developing a culture of diligence is essential. Recognize employees doing the right things to minimize risk and create a culture of sharing those stories as part of ongoing training.  

• Take preventative measures

While all employees may not be privy to the steps taken after a breach is identified, they should all be privy to the lessons learned. A breach situation must be thoroughly solved so that measures can be made to share the findings with employees and update training and policies accordingly. Unfortunately, where there is one breach, there is often another when this due diligence does not occur.  

Managing new security threats as part of an ITAM process can be overwhelming. Recognize that ITAM and ITAD now extend beyond knowing where your hardware is and how it’s being destroyed. A good ITAM process also leads to minimizing threats. It means sharing stories about the latest threats and what other companies have experienced. It often means recognizing that you may not know it all. Outsourced ITAM/ITAD partners provide an extra level of due diligence. While you may think they are just there to help you process new equipment and get rid of the old, they should be thinking outside the box. Every day, new threats enter, and many surround new employees and new equipment entrance(s) into a network. We are most vulnerable when we are in the learning phase. Take extra precautions today to ensure that your ITAM/ITAD processes are part of an overall solid security plan. 

To chat about this subject, contact us today.