An asset identification and tagging scheme SHALL be implemented to track business hardware throughout its lifecycle.

Control Type: Physical

Control Function: Detective

Keeping track of IT assets is a fundamental responsibility that many businesses fall behind on. Without a proper asset inventory and a unique identifier for each asset, devices can be moved around, reassigned to personnel, and ultimately lost without a trace.

Asset tags provide a simple and effective way to identify and track business IT assets throughout their lifecycle. These tags can be based on a variety of unique identifiers associated with a device. Common tagging schemes include:

  • The system’s serial number
  • QR codes or barcodes generated by administrators
  • A unique logical ID structure defined by IT administration
  • A TPM Identity Key (IK): Trusted Platform Modules (TPMs) can generate an Identity Key, which serves as a unique identifier and can be paired with an Identity Certificate (IC) to sign operations for integrity attestation

Business management and IT administrators should establish a standardized asset identification scheme. Whenever a device is onboarded into the business environment, its asset ID should be printed and physically attached to the device, and recorded in the hardware asset inventory.

The asset ID should also be linked to the contact information of the employee to whom the asset is assigned. This creates a clear audit trail that can be used to notify the appropriate personnel when issues affecting specific assets arise. Additionally, asset IDs can be associated with warranty information, allowing administrators to quickly retrieve warranty details when troubleshooting issues or engaging with vendors.