Do you let your internal customers view your IT asset management system?
This might not be a popular view of IT asset management, but I think it makes our internal customers more accountable. Let your customers view a real time inventory of their equipment. Even better, let them see how their employees are doing on compliance against corporate policy. It doesn’t matter if the asset is a laptop being used to write PowerPoint presentations or the central historian for the production line making the latest and greatest of your company’s products – enable your business units to expand their knowledge and understand the risks.
Funny enough, I have seen business units start bragging about their role in cybersecurity – and taking active and accountable steps to reduce overall risk. Peer pressure, it turns out, can be a good thing, even in business! Improving awareness of cybersecurity risk is a key part of effective information technology management. Step forward and automate tasks, encourage involvement – perhaps even present business units with awards for being a part of the team and accepting their role in reducing risk?
This is where is it gets controversial. They will see the good… and the bad. The devices that cannot be patched due to unavailable patches – and the critical systems awaiting updates while the business unit doesn’t want to schedule downtime. And the Windows 10 laptops that never get updated due to cancellations because the employees are always “too busy”? That dashboard should definitely be shown to the executives.
Move Cyber forward.