Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Master Your Security Foundation: Know Your Devices

Ted Gary
April 20, 2017 • 4 Min Read
by Ted Gary 
Blog Home /

Knowing what assets you have is arguably the single most important security control. If you don’t know about a server, desktop, laptop, mobile device or network device, how can you manage and secure it? For that matter, what about cloud instances, virtual machines, and containers?

Fewer than 50% of surveyed organizations have implemented automated controls to inventory the systems and devices connected to their networks

In Q4 of last year, Tenable and the Center for Internet Security (CIS) conducted a survey of 319 IT security decision makers at companies with more than 100 employees. We found that fewer than 50% of the surveyed organizations have implemented automated controls to inventory the systems and devices connected to their networks. I was alarmed by such low control adoption because, as the following table indicates, knowing what is on your network is an important control in virtually all security frameworks and compliance standards.

Standard

“Know What you Have” Control Objective

PCI DSS

Maintain an inventory of systems that are in scope for PCI DSS.

NIST Cybersecurity Framework

Physical devices and systems are inventoried.

ISO/IEC 27002:2013

Inventory of assets.

NIST 800-53 rev 4

Information system inventory.

CIS Controls

Inventory of authorized and unauthorized devices.

Note: The CIS Controls were formerly known as the Center for Internet Security Critical Security Controls (CSC).

CIS Controls

The CIS rates Inventory of Authorized and Unauthorized Devices as the most important security control

The CIS Controls (formerly the SANS Top Twenty) is a prioritized list of security controls developed by an international community of security professionals and institutions. The CIS rates Inventory of Authorized and Unauthorized Devices as the most important security control. This prioritization is designed to guide organizations to:

invest first in controls that will provide the greatest risk reduction and protection against the most dangerous threat actors and that can be feasibly implemented in your computing environment.

The phrase “can be feasibly implemented in your computing environment” deserves additional discussion because “feasibly implemented” does not translate to “easily implemented.” The control’s more detailed description:

Actively manage (inventory, track, and correct) all hardware devices on the network so that only authorized devices are given access and unauthorized and unmanaged devices are found and prevented from gaining access

offers insight about potential implementation challenges.

Managing devices by policy

Are you identifying unauthorized devices and preventing them from accessing your network?

The question of “What do you have?” has been expanded to “Are you identifying unauthorized devices and preventing them from accessing your network?” Preventing unauthorized device access starts with a policy, and organization management must buy into the policy and define any allowable exceptions. Otherwise, the policy will likely be undermined when influential people complain that they can’t connect their personal devices to the network.

Controlling which devices can connect to your network delivers benefits to both security and IT teams. From a security perspective, having only authorized devices on your network allows you to actively manage them to detect and remediate unauthorized software, misconfigurations, vulnerabilities and malware. Benefits also accrue to the IT organization. Having only authorized devices on the network increases network availability and eliminates the break-fix costs that inevitably result from troubleshooting problems often associated with one-off, unauthorized devices.

After the policy is established, automated supporting controls must be implemented to achieve the control objective.

More information

The CIS Controls include six sub-controls that support Inventory of Authorized and Unauthorized Devices. A detailed discussion of these sub-controls is beyond the scope of this blog – but not to worry. Tenable is hosting a webinar on May 3rd, and we will dive into the details, show you how Tenable can help, and answer questions. This webinar is the first of a five-part series that will explore each of the CIS Foundational Cyber Hygiene controls. Brian Ventura, a SANS community instructor, will be our expert guest presenter. Brian teaches a 2-day course: Critical Security Controls: Planning, Implementing and Auditing. He has also taught a 5-day course: Implementing and Auditing the Critical Security Controls – in Depth. In addition to presenting valuable content, we will reserve time for questions and answers.

Look for future blogs where I will discuss the remaining Foundational Cyber Hygiene controls:

  • Inventory of authorized and unauthorized software
  • Secure configurations for hardware and software
  • Continuous vulnerability assessment and remediation
  • Controlled use of administrative privileges
Ted Gary

Ted Gary

Ted Gary is Tenable's Product Marketing Manager for SecurityCenter™. He is responsible for translating the rich features of SecurityCenter into solutions for compelling problems faced by information security professionals. Ted has nearly ten years of experience in the information security field in both product management and product marketing roles. As a senior product manager for security solutions at a telecommunications company, he defined SaaS security services, including cloud-based next-generation firewalls and related managed services. Previously, Ted also defined requirements and marketed file integrity management and configuration assessment products for a software vendor.

Related Articles

Tenable Cloud Security To Help Fed Agencies Tackle Cloud Challenges as It Nears FedRAMP Authorization

July 31, 2024

As federal agencies adopt a cloud-first policy, they face unique challenges in securing cloud infrastructure. Learn how Tenable Cloud Security, which is now FedRAMP "In Process," can help.

Lindsay Schwartz

Lindsay Schwartz

Tenable Customer Update about CrowdStrike Incident

July 19, 2024

Please read this important customer update about CrowdStrike's recent incident.

Team Tenable

Team Tenable

Tenable Announces Former Senior Administration Officials to Inaugural Public Sector Advisory Board

July 18, 2024

Rob Joyce and Mark Weatherford will help Tenable shape federal cyber and AI policy

Team Tenable

Team Tenable

Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security

November 1, 2024

Should critical infrastructure orgs boost OT/ICS systems’ security with zero trust? Absolutely, the CSA says. Meanwhile, the Five Eyes countries offer cyber advice to tech startups. Plus, a survey finds “shadow AI” weakening data governance. And get the latest on MFA methods, CISO trends and Uncle Sam’s AI strategy.

Juan Perez

Juan Perez

FY 2024 State and Local Cybersecurity Grant Program Adds CISA KEV as a Performance Measure

October 31, 2024

The CISA Known Exploited Vulnerabilities (KEV) catalog and enhanced logging guidelines are among the new measurement tools added for the 2024 State and Local Cybersecurity Grant Program.

By Jill Shapiro and Joseph Decker

Cybersecurity Snapshot: New Guides Offer Best Practices for Preventing Shadow AI and for Deploying Secure Software Updates

October 25, 2024

Looking for help with shadow AI? Want to boost your software updates’ safety? New publications offer valuable tips. Plus, learn why GenAI and data security have become top drivers of cyber strategies. And get the latest on the top “no-nos” for software security; the EU’s new cyber law; and CISOs’ communications with boards.

Juan Perez

Juan Perez

  • Announcements
  • Center for Internet Security (CIS)
  • Security Frameworks
  • Webinars

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Try for free Buy now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose your subscription option:

Buy Now
Try for free Buy now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose your subscription option:

Buy Now
Try for free Buy now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose your subscription option:

Buy Now
Try for free Buy now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for free Contact sales

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a sales representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Request a demo of Tenable Security Center

Please fill out this form with your contact information.

A sales representative will contact you shortly to schedule a demo.

* Field is required

Request a demo of Tenable OT Security

Get the Operational Technology security you need.

Reduce the risk you don’t.

Request a demo of Tenable Identity Exposure

Continuously detect and respond to Active Directory attacks. No agents. No privileges.

On-prem and in the cloud.

Request a demo of Tenable Cloud Security

Exceptional unified cloud security awaits you!

We’ll show you exactly how Tenable Cloud Security helps you deliver multi-cloud asset discovery, prioritized risk assessments and automated compliance/audit reports.

See
Tenable One
in action

Exposure management for the modern attack surface.

See Tenable Attack Surface Management in action

Know the exposure of every asset on any platform.

Get a demo of Tenable Enclave Security

Please fill out the form with your contact information and a sales representative will contact you shortly to schedule a demo.

Try for free Buy now

Try Tenable Nessus Professional free

Free for 7 days

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
now available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select your license

Buy a multi-year license and save.

Add support and training
Buy Now
Renew an existing license Find a reseller
Try for free Buy now

Try Tenable Nessus Expert free

Free for 7 days.

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select your license

Buy a multi-year license and save more.

Add support and training
Buy Now
Renew an existing license Find a reseller