Security Operations: Examining Asset Management Flashcards
what are the benefits of asset management?
Improving decision-making through data-driven insights.
Using asset data for strategic planning and resource allocation.
Enabling efficient resource allocation for appropriate resource utilization.
Tracking and safeguarding of valuable assets.
Reducing the risk of asset loss or theft.
Ensuring compliance with regulatory requirements.
Assisting audits through accurate asset tracking.
Minimizing operational costs by optimizing asset life cycles.
Enhancing accountability and responsibility within an organization.
What are the processes of obtaining assets? (purchasing)
Govern the acquisition of hardware, software, or other assets before they’re integrated into an organization’s infrastructure.
Includes documenting asset details and ensuring each asset meets security and compliance standards.
Plan
Research
Purchase
Document
integrate
What are two key factors of Asset Management?
Ownership and Classification
What does ownership entail in Assets management?
Ownership: Designates individuals or teams responsible for specific assets, clarifying who is accountable for asset upkeep, security, and compliance.
Once chosen an owner they will need to consider?
Accountability
Responsibility
Through:
Deployment
Maintenance
Security
Compliance
Retirement
What does Classication entail in Assets management?
Classification: The process of categorizing assets based on their type, function, or other relevant criteria. This helps ensure they’re grouped logically for identification, monitoring, management, and retrieval.
Through:
Identification
Monitoring
tracking
Security requirements
Compliance
What are the factors to consider when monitoring and tracking assets?
Inventory: It’s important to have a comprehensive list or database of assets for monitoring, management, and security purposes. This can help reduce the risk of unauthorized or unmonitored access points.
Enumeration: This is the process of identifying and cataloging all assets and can include:
Devices
Software
Applications
Infrastructure
Data
What are two ways that we can consider when we need to dispose assets?
Sanitations
Destructions
What does sanitization involve in asset disposal?
Sanitization: Refers to the irreversible process of removing or erasing sensitive data from a device or storage medium to ensure it can’t be recovered or accessed by unauthorized individuals, thereby helping mitigate data-security risks.
Degaussing
overwriting
What does Destruction involve in asset disposal?
Destruction: Refers to the process of physically rendering a device or storage medium unusable or irreparable to ensure that it can’t be retrieved from the medium, thereby helping prevent potential security breaches.
Incinerate
Pay third party for data destruction
What do we need to consider when we use third pary vendors for destructions?
Certification: Refers to the process of obtaining formal documentation or proof that the asset-disposal process has been executed according to established security standards and protocols. This helps ensure compliance and security during the disposal process.
Why is data retention important?
Data retention: Refers to the process of retaining and preserving specific data or information for a defined period after an asset is retired or decommissioned. Typically, this is done for legal or compliance reasons.