TahawulTech.com recently conducted a remote Q&A session with Oliver Cronk, Chief IT Architect for the EMEA Region at Tanium, on the need for quality IT Operations Management and how businesses may keep these elements in mind going forward.
- How does asset base visibility affect network protection and why is it essential?
Identifying all devices that need to be monitored for internal and external security threats or risky conduct is the most crucial stage for Operations (Ops) teams to defend their digital assets and networks. Ops teams will only be able to take further steps with regards to IT asset management once this network inventory has been maintained and mapped out.
How can a patching policy be implemented, for example, if no one is aware that macOS is present in the information system (IS)? Discovery tools can significantly increase actionable findings by automating the identifying process. Instead of focusing solely on the company’s head office and network, these solutions can scan all devices, no matter where they are.
This is especially beneficial for today’s distributed workforce, as equipment may be monitored for safety breaches in places other than the office, such as stores, homes, shared workspaces, and so on. As a result, employees working remotely on unsecured internet connections in a private residence or public area are safe from hostile actors who can break into these networks.
- Explain to our readers the role of compliance and remediation in operations management?
Ops can begin adhering to compliance standards when the expected behaviour of its IT assets gets defined, and the devices have been found and inventoried. Once Ops has this critical information, they can create a baseline of standards and implement the appropriate patch management policy for each operating system.
This is vital to prevent Ops teams from falling prey to shadow IT, which occurs when employees adopt non-compliant technologies without the knowledge of IT administrators. If Ops are unaware of any tools on the network, they will be unable to discover weakness points, leaving the system vulnerable to hackers.
Recent risks from third-party software such as SolarWinds and Kaseya have emphasised the challenge businesses have in swiftly determining whether or not their existence impacts them in their fleet. That’s why, five years after its release, WannaCry continues to strike some businesses.
WannaCry is a destructive and hazardous ransomware virus that affects corporate computers before spreading to networked devices. This means that a single non-secure computer on a corporate network can endanger the entire company. While WannaCry did not affect the Middle East as greatly as other regions, this was simply due to lucky timing and does not mean that the region continues to be secure from this risk.
To fight against these attacks, businesses must employ various strategies, including installing the most recent updates, setting compliance requirements, and maintaining a real-time asset inventory. As IT networks are constantly evolving, Ops teams have no option but to have an up-to-date perspective of choices to secure employees’ devices from cyber-attacks.
- Why is it important for companies to have a good device configuration policy?
Once compliance has been defined and the patch database for an updated fleet has been created, it’s time to design and implement the device configuration policy. Each machine’s inventory is updated in real-time.
The Ops team has command of “what they operate,” “what is standard,” and “what exists” in the network at that given point. From then on, the circumstances for dealing with third-party application management are in place. Only in this environment can the IT estate be managed uniformly and homogeneously.
This includes making sure that apps embedded in robots or machine tools are updated and ensuring that the publisher/manufacturer is committed to providing and/or completing the appropriate updates. This emphasises Ops’ more decisive and “adult” position in providing recommendations to business divisions, which are frequently the decision-makers in industrial IT purchases.
- When it comes to managing IT services, what role does advanced performance monitoring play?
Today, one of the most critical challenges for IT departments is performance. All too frequently, Ops or Security teams layer new solutions to fill in the gaps and address discoveries as they occur. This is often due to a lack of understanding of fundamental inventories. As a result, solutions (whether based on a local agent or distant scanning) can overwhelm equipment, which can significantly impact users.
- What are the steps involved in mapping applications?
Mapping applications requires data points from the different layers of application architecture such as the client (end-user) endpoint, the server (backend) endpoints and any other intermediary layers. Many currently attempt to do this by looking only at network traffic flowing across the network. This is often problematic and leaves gaps in the picture as not all networks can be seen and monitored easily. It often requires dedicated hardware or complex network and firewall changes. It is far better to have visibility across every endpoint, as this provides coverage of every network. It is then possible to link network traffic between endpoint network connections, allowing for an accurate picture of application architecture, end-user traffic and upstream/downstream application dependencies. In addition to the network flows, having an inventory of installed applications, users and configurations on the endpoints involved in the application builds a far more rounded picture. It’s also possible to build this picture nearly in real time using continuous data from endpoints – rather than one-off or irregular network scans. This kind of insight is invaluable for business resilience planning, cloud migration and managing the performance and risks of running legacy systems.
In turn this can help to prevent failures or enhance performance monitoring, upon which their environment is recognized, compliant, and kept up to date. This enables greater proactivity with end-users, ensuring that they have the best tools and resources for their various needs at all times.