Are your assets up for the job?

Pop Quiz:

quiz visual

What do these questions have in common?

  1. Does your company have an asset lifecycle management policy in place?
  2. Does your company have established roles and responsibilities defined for assessing risk management decisions?
  3. Does your company understand and monitor the cybersecurity risks to operations and are policies in place to support operational risk decisions?
  4. Are security policies maintained and used to manage protection of systems and assets?
  5. Are policies, procedures and processes in place to manage and monitor industry regulatory requirements around cybersecurity risk?

Answer:

They are all critical elements identified in the following frameworks (to name a few):

  • NIST (National Institute of Standards and Technology
  • CCS CSC (Council on Cybersecurity Critical Security Controls)
  • CMMC (Cybersecurity Maturity Model Certification)
  • CIS 20 (Center for Internet Security)
  • HIPAA (Health Insurance Portability and Accountability Act)

(https://www.hhs.gov/sites/default/files/nist-csf-to-hipaa-security-rule-crosswalk-02-22-2016-final.pdf)

If your managed service provider is truly your business partner, then they are asking you these questions too. As a matter of fact, they should be asking several questions to ensure that your assets are up to the job – both in terms of performance and security. Some questions you might have about that:

What does asset lifecycle management have to do with cybersecurity?

According to Webroot, “…15 percent of all files it identified as malware were on Windows 10 machines, while 63 percent of confirmed malware was on Windows 7.”

https://www.zdnet.com/article/windows-10-vs-windows-7-microsofts-newer-os-is-almost-twice-as-secure/

Old devices don’t just slow you down, but they increase your risk of downtime and lost data due to encryption malware.

update button on keyboard

How do outdated operating systems impact my business?

“When large technology companies such as Google, Apple and Microsoft release software updates, they not only provide patches for security vulnerabilities, but they also help end-users to protect their systems against cyber attacks.” (https://www.bitsight.com/

Bitsight also found in researching 35,000 companies that even though the evidence is clear that outdated operating systems pose a threat to companies, it is typical for companies to take months to update.

an image of throwing money away

How much is an older device costing me?

Outdated devices slow your employee productivity.  In larger companies this means more employees, office space, benefits, taxes, etc.  In smaller companies it means overtime and loss of productivity and morale.  Your IT provided should be able to give you insights here.

Leave a Reply

Your email address will not be published. Required fields are marked *

Additional Posts

year end calendar

Time for an EOY qbr (lowercase intended)

Not only is it the season of thanks and the season of giving, it is also for many businesses the end of the fiscal year. An MSP who is a strategic business partner with its clients is well positioned to help their clients make the most of the season.

Read More »
Bitnami