Fred Cobb – CISO and VP of Services, InfoSystems
Chad Waddell – Sr. Security Architect, InfoSystems
In this episode, Fred and Chad discuss Software Assets, or in other words, the software your company uses. Learn why your company needs to keep an inventory of software assets, how to get control of software assets, and tools that can help you do both of the above.
As you heard in the last episode, many companies don't have an accurate picture of the exact technology they own or pay for on a recurring basis. Companies often struggle to keep track of who possesses company-owned devices and which devices are active vs. no longer working. This also applies to the software that's on these devices. Have you ever downloaded an application to help you with something, then forgot about it a month later? That application sits in the background; not being useful and possibly creating security risks.
In addition, many applications that are downloaded on devices aren't necessary and sometimes download other software behind the scenes. When there is an abundance of unknown, unmanaged, and unseen software on devices, this creates major security concerns. Your company needs to know what software is downloaded on all company owned devices for this reason.
There are a number of tools any company can use to help take over software inventory. One such tool, Spiceworks is a free platform. A similar tool, Lansweeper is a paid platform (free for anyone with 100 or less devices). Both of these tools can save you time, money, and resources, and help create a more secure environment.
In addition to asset management, application whitelisting is recommended process to help keep your IT environment more secure. You can hear more about Whitelisting on a previous Cybersecurity Weekly episode.
There is an abundance of tools and resources available to help you get your software inventory under control. If you have questions about hardware and software asset management, you can connect with an InfoSystems specialist to help determine which tools and processes would be best for your environment.
Listen to the full episode to learn how your business can begin securing, controlling, and taking inventory of your software assets.
We'd love to hear your feedback. If you have any questions, you can text us at 423-697-9528 or email email@example.com.
This episode discusses Control Two of the CIS (Center for Internet Security) "Top 20 Controls." The Top 20 Controls are a set of prioritized best practices designed to help organizations protect themselves from cyber-attacks. It is a framework for every organization, whether you have a full department of IT support or don't have security programs or measures in place. You can learn more about the 20 CIS Controls here.