Five ways that automated inventory discovery makes for a more efficient and secure IT estate
'We need to know what we don't know, understand what we have, and we need to validate what we think we have' says Ivanti's Dave Shepherd
It's impossible to know how secure and efficient your systems are unless you understand how they are being used in the real world.
This was the key message from Ivanti's area director Andrew Brickell and sales engineer Dave Shepherd during their address to the Computing Deskflix: Public Sector event on Tuesday.
Inventory discovery is ever more important as assets and services become more numerous, diverse and distributed. As computing evolves towards the edge, and with the current increase in remote working, understanding the state and usage patterns of the organisation's assets is essential for the efficient management of security, support services and procurement.
Knowing where assets are located, what condition they are in and how they are being used allows IT management to intervene proactively in both individual cases and across the estate. If one device or individual has logged an issue, how many others are working around it or just suffering in silence?
To be effective, inventory discovery needs to be carried out on a continuous basis, said Shepherd.
"We need to know what we don't know, understand what we have, and we need to validate what we think we have. Once we understand this we then need to understand if those assets are in a location we think they should be in and if they're using the services we think they should be using."
This information can then be used to remediate issues proactively before they've been logged, or even before users are aware of them, he went on, giving five practical examples of how this can help.
1) Devices degrade and batteries don't last for ever. Typically, batteries are replaced when a laptop user complains, but this intervention is reactive. A proactive approach would be to monitor the battery and replace it when it ages, but then to dig down to see if this applies across the rest of the devices.
"We can apply automation that can determine that the battery needs replacing. So we open a ticket, apply a fix and ship a battery to the user before the user has raised a ticket. We can then apply this not only to one user, but to the whole estate that have a below par battery."
This will not only increase efficiency but also give a better impression of IT, Shepherd said.
2) If issues occur, it may be cost-effective to replace devices or parts that are under warranty rather than keeping them going, but to decide on the best course of actin you need a record of the warranty status of all those items.
3) Another example is the ‘blue screen of death' caused by OS, middleware or application problems. Users may only report a blue screen when it becomes a serious problem, but it could be indicative of serious underlying issues. A system like Ivanti can collect the logfiles and allow IT to intervene before productivity sapping frustration kicks in, perhaps rolling out a driver upgrade across the board.
"We can start to grab the dump files and make decisions. This means we are staying one step ahead. If more issues are raised, importantly we're already working on a solution," said Shepherd.
4) Slow logins are another productivity killer, which can build up if not monitored and optimised on a regular basis. This requires both a short-term fix and also a look at the wider underlying causes by seeing if they exist across the estate.
5) And finally, said Shepherd, the above methodologies can be applied to security.
"An effective discovery method should not only apply to devices and applications but also security, from detecting vulnerabilities and applying patches to ensuring compliance at all times."
A typical example is where a device has disk encryption disabled, which may have been done maliciously.
"Without continual monitoring and sensing this type of threat can go undetected for some time, and so it starts to pose a greater risk."