IT Asset Management, a three-tiered approach

Asset Management is an enormous task for any IT department. The larger your organization, the harder it is to track every IT asset. To take on the IT asset management challenge, you need to have a three-tiered approach.

Tier 1 – Asset Data Collection

Tier 2 – Asset Data Intelligence

Tier 3 – Asset Lifecycle management

When implementing asset management policies, it is important to have tools in place at Tier 1 that have the ability to track the asset. If your tools at Tier 1 are not efficient, then you will encounter problems when trying to enforce asset policies at Tier 3.

Asset-Management-Graphic

To ensure success when building an Asset Management system, make sure your tools are in place at Tier 1 before moving to Tier 2 and Tier 3

Tier 1 – Asset Data Collection

Collecting asset information is the first consideration for IT asset management.  It is important to have a central database that contains all the information you accumulate. Next, you need tools that scan your network on a regular basis.  These tools need to report back to your database, providing as much information about all the devices connecting to your network.

Tools also need to provide a way for you to connect to your business partners so you can begin to track your asset from the moment you issue a purchase order.  These tools also need to integrate with mobile devices such as bar code scanners that are used to collect asset information.

Most important of all, is to have a method to inventory every software application and virtual OS that runs on the hardware you have in your inventory.  I will go into tier 1 in greater detail on my next blog

Tier 2 – Asset Data Intelligence

Tier 2 is where the magic happens.  After the asset information is stored in the database, you will have thousands and thousands of data points at your fingertips.  Now it is time to normalize the information, to map the assets to relevant information, and to link the assets to their contracts, projects, departments, and people. More on this in a later post.

Tier 3 – Asset Lifecycle Management

IT assets are upgraded and change on a regular basis.  You need to build processes that control how you purchase, procure, and dispose of IT assets.  This includes virtual devices and software along with the associated software licenses. Tier 3 is where you apply ITAM principles. I will expand on these concepts in a later post.

As organizations face the increasing challenges associated with Shadow IT, Asset Management can no longer be an afterthought or a low priority project.  Organizations need to have a grasp on what devices connect to their networks, how those devices are being used, and who is using those devices.  Without an Asset Management strategy, there will be a greater security risk.  If you have devices connected to your network that you don’t know about, then you will be unable to ensure the security posture of those devices.