Ornamental dots. Two rows of three dots. The top row is a light blue. The bottom row is one light blue dot followed by two orange dots. Blog

The tools you need in your toolbox

Cyber Bob, Principal Security Engineer and CTO at Forescout | May 1, 2019

Twitter: @MeetCyberBob

When I purchased my first house with a garage, I decided that it was never going to be used for cars. The garage was going to be my workshop, my ‘man cave’, a place I could get my hands dirty. Then my dad found out and said he had some tools I might enjoy. The box of tools that arrived a few days later sparked a passion for woodwork that I didn’t know I had. My dad had sent me a box full of hand planes, a tool that’s used to shape wood using muscle power. Not only did it give me a great shoulder workout – it gave me great respect for craftsmanship!

Now how does this correlate to Information Technology and IT asset management tools? At work, we tend not to change or throw away tools that work. We also might not think about reviewing the tools that seem to do their job well. A hand plane isn’t going to change, but IT tools are constantly evolving.

How many IT asset management tools have been purchased and are used every day by operations staff? I have heard the number 75 a couple of times. Have a look at your password manager system (I hope you are using one) and count all the subsystems used to maintain or access the business application.

Your toolbox is pretty full, isn’t it?

Now, your CEO or board doesn’t agree with your headcount so you come up with ingenious ideas to automate tasks. Script, program, integrate – it’s going to be awesome! But where do you start?

A key takeaway from the book Team of Teams by General Stanley McChrystal is that you need to change how information is shared. This isn’t about streamlining one or two jobs but creating a better IT asset management system as a whole.

How about letting the endpoint team know about the network configuration? Or ensuring the network team understands the endpoint context or running services? Or how about allowing the security team to get real-time updates on very specific location details for high-value systems, plus critical path awareness of endpoints connecting?

All this is possible today. This is real device visibility and control, thanks to comprehensive IT asset management tools. My belief is that the only way to get full device visibility is by leveraging existing investment in the technology, centralizing access to the information and then overlaying risk assessment and compliance.

Then you will be using all the tools in your toolbox correctly. And that will give you a faster, better product at the end.

What’s the business value and IT impact of Visibility and control? Find out in the IDC White Paper.


Demo RequestForescout PlatformTop of Page