Welcome to Top 20 Controls. Critical Control Number 1: Inventory of Authorized and Unauthorized Devices.

Control Overview. New devices on your network can expose your entire network to numerous vulnerabilities. Many times, these devices are not patched or configured with the proper security updates until it's too late. Attackers, whom we often think of as hackers, use these devices to access the network and compromise the other systems on the network that they are after. While these vulnerable devices may not have anything especially important on them, realize that they can serve as a gateway or pathway for the attacker to get to the systems they are really targeting. So this is a security control of great importance.

To implement a policy that satisfies this control, the following is required. You need to maintain an accurate, up-to-date inventory of all your systems, whether they are actively deployed or not. You need active monitoring of your systems and configuration management. Following these steps can significantly reduce the chance of an attacker getting access to the network through your poorly configured or unpatched systems or devices.

When possible, automated asset inventory tools should be configured and deployed. This will provide administrators with a preliminary assessment of how many devices are attached to the enterprise network. Such tools allow discovery by scanning for network addresses, as in IP addresses, and also by monitoring your network traffic. The inventory should be maintained with details about each and every machine, such as the network address, the computer name or device name, the purpose of the system, the end user attached to that asset or device, and the department responsible for the end user.
Any device that is assigned an IP address, or acquires one through DHCP, should be included in this inventory, such as desktops, laptops, servers, routers, switches, firewalls, printers, storage area network devices, and voice over IP devices.

Automated network asset discovery tools, when properly configured, will consistently monitor your network, making sure that any new devices are detected as they should be. Keep the asset inventory up to date in real time. Properly alert the administrators when a discrepancy is detected, and disable unidentified devices on the network when they are detected, because we only want to have authorized devices on our network, not unauthorized devices.

To maintain the effectiveness of the asset database, the integrity of its content also has to be maintained. We do this by including the database and related systems in routine vulnerability scans (there are a lot of vulnerability scanners available, such as Nessus, St, GFI LANguard, and so on), encrypting the asset information, adhering to a strict access control policy with regard to the database and related systems, and maintaining separate secured copies of your database, even outside of your network, in case there's a compromise.

To enhance the effectiveness of the control, the administrator could develop a database that inventories and identifies such things as the critical information, the relationship between the critical information and the hardware assets on which it is stored (your servers, computers, workstations, laptops, and so on), and the department and the end user or individual who is responsible for these assets.

To test the automated tools, administrators should deploy devices on the network and ensure the system is operating properly, noting the amount of time that it takes for each device to be recognized by that particular tool.
Any failures by the automated tool should be recorded and fixed immediately. Administrators can also include removable media in their control automation. This includes external hard drives, USB flash drives, and anything that can store information.

Additional hardware resources could be required depending on the size of your organization, as well as the number of devices that you need to inventory. Some automated asset discovery systems require a separate server to be set up to handle the monitoring and the administration of your network. Adequate preparation should be made ahead of time to ensure that the controls will be implemented successfully.

Additional information. Automated network tools will also introduce additional bandwidth strain on your enterprise network. We need to prepare for this, because we do not want these automated tools, which give us a great feature and help us, to interrupt our business continuity at the same time. Because of the dynamic nature of portable and wireless devices such as your laptops, consideration should be given to tracking the inventory of these devices. These devices tend to come and go, they tend to travel with the user, and it could be easy to forget about them if you're not careful. Likewise, remote and virtual systems will need to be inventoried carefully to ensure they are accounted for as well.
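
As an added illustration that is not part of the original narration, the Python example below reconciles discovery results against the authorized inventory, reports the discrepancies an administrator would be alerted on, and measures how long a test device took to be recognized. Keying records on MAC address, the field names, and all sample data are constructed assumptions of this example.

```python
from datetime import datetime

# Details the control asks to keep for every machine.
REQUIRED_FIELDS = ("ip", "name", "purpose", "owner", "department")

# Constructed sample inventory; keying on MAC address is an assumption of this example.
INVENTORY = {
    "00:11:22:33:44:01": {"ip": "10.0.0.10", "name": "fs01", "purpose": "file server",
                          "owner": "j.doe", "department": "IT"},
    "00:11:22:33:44:02": {"ip": "10.0.0.21", "name": "lt-0421", "purpose": "laptop",
                          "owner": "", "department": "Finance"},
    "00:11:22:33:44:03": {"ip": "10.0.0.30", "name": "prn-2f", "purpose": "printer",
                          "owner": "facilities", "department": "Facilities"},
}
# Constructed discovery results (mac, ip, first_seen), as a scan or traffic monitor might yield.
OBSERVED = [
    ("00:11:22:33:44:01", "10.0.0.10", datetime(2024, 1, 8, 9, 0, 0)),
    ("00:11:22:33:44:02", "10.0.0.57", datetime(2024, 1, 8, 9, 0, 5)),
    ("de:ad:be:ef:00:99", "10.0.0.88", datetime(2024, 1, 8, 9, 4, 30)),
]

def reconcile(inventory, observed):
    """Compare what was seen on the network with what is authorized."""
    report = {"unauthorized": [], "ip_mismatch": [], "incomplete": [], "not_seen": []}
    seen = set()
    for mac, ip, _first_seen in observed:
        seen.add(mac)
        record = inventory.get(mac)
        if record is None:                      # device with no inventory record
            report["unauthorized"].append((mac, ip))
        elif record["ip"] != ip:                # record is stale or address changed
            report["ip_mismatch"].append((mac, record["ip"], ip))
    for mac, record in inventory.items():
        missing = [f for f in REQUIRED_FIELDS if not record.get(f)]
        if missing:                             # record lacks a required detail
            report["incomplete"].append((mac, missing))
        if mac not in seen:                     # may be legitimately undeployed
            report["not_seen"].append(mac)
    return report

def detection_delay(test_mac, connected_at, observed):
    """Seconds between connecting a test device and its first detection."""
    for mac, _ip, first_seen in observed:
        if mac == test_mac:
            return (first_seen - connected_at).total_seconds()
    return None  # never detected: record this as a tool failure

if __name__ == "__main__":
    print(reconcile(INVENTORY, OBSERVED))
    print(detection_delay("de:ad:be:ef:00:99", datetime(2024, 1, 8, 9, 0, 0), OBSERVED))
```

Entries under `not_seen` are not errors by themselves, since the inventory also covers systems that are not actively deployed; they are candidates for follow-up, particularly portable devices.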