Lost Assets and Rogue devices Part I

Rouge Devices

Have you ever misplaced something? Of course you have, we all have. When this occurs, the realization that you have lost something or, even worse, that someone else may be in possession of that missing item, causes us to have various reactions from anger to fear and sadness. These reactions cause us to start the next phase of actions which may be anything from panic to a methodical search and recovery.

I have seen or experienced many of the different reactions that occur when I’ve lost an asset.

Different types of assets require a difference in the ways that we react to a loss or even a rogue asset. There was a time when I was listening to some ranchers discuss their assets (sheep and cattle), it was the time of year that they were gathering their assets from the vast western ranges that they use to graze their stock on. During the conversation, one of the ranchers stated, “Don’t worry we will find all of the sheep, we have them fully contained, there is no way for them to escape. The Atlantic is on one side and the Pacific is on the other side, how could we possibly come up short?” After much laughter about how impossible it would be if that were the actual boundaries, it became obvious that, at times, that is how IT assets are managed.

Later in the discussion, another mentioned he was missing a few of his assets, he was sure that they were still on location but he just couldn’t find them, every day we would look for them and the next day they would have moved to a different part of the place in the night. Sometimes, in IT, we have the same type of experience with roaming users and their IT assets.

IT asset management starts with a complete inventory of what is in the environment, fortunately IT assets can’t just walk away without help. Many of the technologies that we use to find IT assets may lead us to a similar experience as the rancher looking for his cows, sometimes they are on and other times they are gone. Active discovery of network-attached devices is prone to the same misleading results as looking in different parts of the pasture each day. While the assets are still there, we are unable to know this if we aren’t at the right spot at the right time. Passive network discovery technologies allow us to know when any asset is on the network and reports this. Automated passive discovery is the first step in completing our knowledge about what assets are in the environment, as well as exposing the assets that should not be in there. Rogue devices can bring significant risks to the business and can have devastating impacts.

Implementation of a passive discovery tool should be a high priority to all IT that want to ensure that they are properly managing their assets and securing their environments from unknown risks.