Having a complete inventory of your organization’s infrastructure is an essential first step towards a better cybersecurity program. During an organization’s lifespan, technology fails, is replaced, is upgraded, and sometimes is forgotten about. In many cases, some machines are taken out of commission and forgotten about. By keeping a comprehensive inventory and updating it regularly, you can ensure that no changes in infrastructure go unnoticed.
An asset inventory should include all relevant information regarding each asset and its lifespan in the organization, from purchase to deployment. Warranty information and vendor-provided documentation should be included, either within the inventory program or attached as external documents. Hardware information is perhaps the focus of the inventory, including manufacturer information like make and model, as well as hardware attributes like MAC addresses and serial numbers. A hardware asset inventory should also document logical information about the asset, such as its assigned user and department, primary use, and IP addressing information (Dynamic or Static).
Since asset inventory is a common task in business environments, numerous programs are available on the market to help manage this task. SolarWinds offers several cloud-based solutions for inventory and monitoring. Other proprietary products like Asset Sonar and Blue Tally have received positive reviews. However, managing a business with a small number of technical assets. You can generally get by with a simple spreadsheet, as long as it is comprehensive and regularly updated. We have provided a free spreadsheet template for a hardware inventory that is attached to this section of the website.