Re: Inventory Benchmark

["Barton, Robert W." <bartonrt () LEWISU EDU>]

It would have to be out of known machines.  We do keep an inventory (barcode, serial number, standardized names), which 
can be compared to Symantec, MS tools, or Solar Winds tools (those same tools could be held to the same standard…why 
are machines not reporting…).  Solar Winds, MS, and Symantec are separate from our “book of record” on inventory (which 
relates to our service desk software, but we are looking at integrations now).

As to season fluctuations, servers vs. laptops vs. desktops, and off-site numbers, that is an issue.  But, for a 
general rule of thumb, you could formulate a low water mark for an acceptable inventory.

Robert W. Barton
Director of Information Security
Lewis University
One University Parkway
Romeoville, IL  60446-2200
815-836-5663

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Brad Judy
Sent: Tuesday, July 25, 2017 10:16 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Inventory Benchmark

While I understand the % reporting to Symantec out of a known total, I’m not sure how you’d measure the percentage of 
“unknown” systems.

Let’s say there are 500 systems known by your system management/inventory tool. You can measure that 475 have reported 
in to the tool in the past X days.  But, how do you know if there are 10, 20 or 200 systems that are totally 
unregistered in the tool (the percentage of unknown systems)?

Or perhaps I misunderstood and you’re specifically looking at the percentage of known machines that haven’t reported in 
for a period of time.

Brad Judy

Information Security Officer
Office of Information Security
University of Colorado
1800 Grant Street, Suite 300
Denver, CO  80203
Office: (303) 860-4293
Fax: (303) 860-4302
www.cu.edu<http://www.cu.edu/>

[u-logo_fl]



From: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> on behalf of 
"Barton, Robert W." <bartonrt () LEWISU EDU<mailto:bartonrt () LEWISU EDU>>
Reply-To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>>
Date: Tuesday, July 25, 2017 at 8:29 AM
To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>>
Subject: [SECURITY] Inventory Benchmark

Morning,

In trying to evaluate our inventory process; I’m trying to figure out a good benchmark for our inventory percent 
managed/known.  I would like to say, that at any given time, we only have X% of unknown hardware.  So, if you asked on 
Tuesday, I could say we only have 115 machines unaccounted for in Symantec because they are off site, down, or 
otherwise non-communicating (115 = 5%).  That unknown number would need to included inventory issues/errors, 
non-reporting machines (off site, or down), and machines not controlled yet.  10% to high?  5% to strict?

Robert W. Barton
Director of Information Security
Lewis University
One University Parkway
Romeoville, IL  60446-2200
815-836-5663


This message (including any attachments) is intended only for the use of the individual or entity to which it is 
addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from 
disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you 
are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. 
If you have received this communication in error, notify us immediately by telephone at (815)-836-5950 and (i) destroy 
this message if a facsimile or (ii) delete this message immediately if this is an electronic communication. Thank you.

This message (including any attachments) is intended only for
the use of the individual or entity to which it is addressed and
may contain information that is non-public, proprietary,
privileged, confidential, and exempt from disclosure under
applicable law or may constitute as attorney work product.
If you are not the intended recipient, you are hereby notified
that any use, dissemination, distribution, or copying of this
communication is strictly prohibited. If you have received this
communication in error, notify us immediately by telephone at (815)-836-5950 and
(i) destroy this message if a facsimile or (ii) delete this message
immediately if this is an electronic communication.

Thank you.