SAM & IT Security – PT II

The past few years has seen support end for a number of globally used products. The likes of Windows XP and Windows Server 2003 are now unsupported by Microsoft, which means that there will no longer be updates or patches for these products.

IDENTIFYING UNSUPPORTED SOFTWARE

The past few years has seen support end for a number of globally used products. The likes of Windows XP and Windows Server 2003 are now unsupported by Microsoft, which means that there will no longer be updates or patches for these products. While both Windows XP and Windows Server 2003 have both been superseded by more capable replacements, the simple fact is that you will still find instances of devices running these operating systems in a variety of scenarios, be it that one machine that runs bespoke manufacturing software that can only be run on Windows XP, or the old server running Windows 2003 that simply ‘cannot be touched’ for whatever reason. It’s somewhat of a catch-22 situation.

On the one hand these unsupported products are still mission-critical; but on the other they represent a security risk, as the lack of updates and patches means they could create a backdoor onto the network and may become a prime target for hackers.

There’s no perfect answer, but armed with an effective Software Asset Management (SAM) solution, those charged with managing the organization’s software inventory can help their security colleagues by pinpointing instances of devices running unsupported operating systems and applications, so that if nothing else a closer eye can be kept on them. Software entering the end of support phase poses a big security threat.

The vendor will no longer provide product or security updates, so it could prove to be a open door to cyberattacks. Software vendors make you aware of the end of support dates of their products via their website or through email communications.

As part of Snow’s Software Recognition Service, the end of support date for a growing number of applications is automatically populated for you. If the vendor decides to change or move the end of support date, or you need to manually enter a date, then you can do so using the Snow SAM platform..

For lesser-known or niche vendors, Snow License Manager offers the SAM team a number of ways to make identifying unsupported software easy:

The SAM team can help defend against this threat by making sure the right processes are in place to ensure there is complete visibility of the software estate.

SERVER PATCHES

As the datacenter is quite possibly the most important environment within any IT function, it is vitally important that all of the servers within the datacenter are protected. Datacenters are subject to a steady flow of patch releases which include both security and productivity enhancements.

Architecture and infrastructure teams are always interested in knowing what patches are on what servers, and that type of information can be provided by the SAM team.

Inventory tools are a good place to start, as long as the SAM team is confident in the accuracy of the data and that the inventory agent is on the server. With Snow Inventory, the SAM team can paint a picture of when a server was last patched, and what that patch information is ( a name or number).

Snow Inventory supports major enterprise platforms such as Windows, Linux, UNIX and VDI which helps provide transparency and clarity of the whole IT estate. Snow Inventory provides information on server patch levels, enabling the SAM function to provide IT Security and the Architecture teams with valuable data that will help ensure servers are up-to-date in terms of functionality and security.

Once the raw data has been cleansed and normalized through Snow’s Software Recognition Service, it is then fed in to Snow License Manager where there are a number of standard reports that helps to identify the servers, server hardware specification and associated virtual machines.

While this is a simple and easy job for the SAM team, it is highlighting the important data that SAM and SAM technologies can provide, and further emphasizes the overall business impact SAM can have.

DATA SECURITY

Other types of data security that impact organizations are the data on physical devices. Organizations tend to have ‘shared drives’ that users backup their documents to, but what about sensitive information that is stored locally on a laptop? This is where the relationship between SAM and IT Security comes into play. Where the organization may not have the ability to remotely wipe a laptop (for example it may not be connected to a network or have the right software etc.), the SAM team can provide the business with important information and data about the device.

Once the information regarding the lost device has been gathered through Snow License Manager, the Service Desk team can then provide the user with a new device with the same configuration and software. The user may be up-and-running again, but there may be unrecoverable data on the lost device.

All machines should be backed-up on a regular basis, so the organization may be able to recover important files. There have been a number of high profile cases in which sensitive and secret information has been only saved on a laptop, and then the user has left it on a train.

TAKE CONTROL

Start by building the relationship with your IT Security team. I would suggest a meeting to discuss the following ways in which SAM can assist them in keeping out unwanted attacks:

All of the above shows the value that software asset management can bring to the IT Security team. Leading IT Security analysts* state that it takes on average 146 days to discover a security breach within the IT Landscape, which is a huge amount of time for hackers to gain access to sensitive systems and data.

Take advantage of SAM and Snow License Manager by providing timely and accurate reports to the IT Security department.

By providing reports, the SAM function is essentially giving the security department information they currently do not have in order to make informed decisions that will help keep your corporate data safe.

Read Part 1 in our IT Security & SAM blog series to understand further the impact Software Asset Management can have on IT Security. 

*Source: https://www2.fireeye.com/M-Trends-2016.html