Educause Security Discussion mailing list archives
Re: Inventory Benchmark
From: "Barton, Robert W." <bartonrt () LEWISU EDU>
Date: Tue, 25 Jul 2017 15:27:05 +0000
It would have to be out of known machines. We do keep an inventory (barcode, serial number, standardized names), which can be compared to Symantec, MS tools, or Solar Winds tools (those same tools could be held to the same standard…why are machines not reporting…). Solar Winds, MS, and Symantec are separate from our “book of record” on inventory (which relates to our service desk software, but we are looking at integrations now). As to season fluctuations, servers vs. laptops vs. desktops, and off-site numbers, that is an issue. But, for a general rule of thumb, you could formulate a low water mark for an acceptable inventory. Robert W. Barton Director of Information Security Lewis University One University Parkway Romeoville, IL 60446-2200 815-836-5663 From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Brad Judy Sent: Tuesday, July 25, 2017 10:16 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Inventory Benchmark While I understand the % reporting to Symantec out of a known total, I’m not sure how you’d measure the percentage of “unknown” systems. Let’s say there are 500 systems known by your system management/inventory tool. You can measure that 475 have reported in to the tool in the past X days. But, how do you know if there are 10, 20 or 200 systems that are totally unregistered in the tool (the percentage of unknown systems)? Or perhaps I misunderstood and you’re specifically looking at the percentage of known machines that haven’t reported in for a period of time. Brad Judy Information Security Officer Office of Information Security University of Colorado 1800 Grant Street, Suite 300 Denver, CO 80203 Office: (303) 860-4293 Fax: (303) 860-4302 www.cu.edu<http://www.cu.edu/> [u-logo_fl] From: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> on behalf of "Barton, Robert W." <bartonrt () LEWISU EDU<mailto:bartonrt () LEWISU EDU>> Reply-To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> Date: Tuesday, July 25, 2017 at 8:29 AM To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> Subject: [SECURITY] Inventory Benchmark Morning, In trying to evaluate our inventory process; I’m trying to figure out a good benchmark for our inventory percent managed/known. I would like to say, that at any given time, we only have X% of unknown hardware. So, if you asked on Tuesday, I could say we only have 115 machines unaccounted for in Symantec because they are off site, down, or otherwise non-communicating (115 = 5%). That unknown number would need to included inventory issues/errors, non-reporting machines (off site, or down), and machines not controlled yet. 10% to high? 5% to strict? Robert W. Barton Director of Information Security Lewis University One University Parkway Romeoville, IL 60446-2200 815-836-5663 This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone at (815)-836-5950 and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication. Thank you. This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone at (815)-836-5950 and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication. Thank you.
Current thread:
- Inventory Benchmark Barton, Robert W. (Jul 25)
- Re: Inventory Benchmark Frank Barton (Jul 25)
- Re: Inventory Benchmark Corn, Michael (Jul 25)
- <Possible follow-ups>
- Re: Inventory Benchmark Brad Judy (Jul 25)
- Re: Inventory Benchmark Barton, Robert W. (Jul 25)