On April 16, 2018, the US and UK governments issued a warning about foreign governments sponsoring hackers who target the networks of companies and government organizations by exploiting network devices with default administrative credentials. While it was interesting to read the news about the specific warning, it highlights a common question IT leaders and administrative staff face, “When a warning like this is issued, how can we assess the impact to our organization to determine our threat response?” Often, assessment activities are delayed because of the time and effort required to assemble and reconcile a variety of data sources to create a complete and accurate picture of the IT environment. While this analysis is occurring, the company’s IT and operations environments are left potentially vulnerable to attack.
The data in your CMDB may not be as good as you think
A confident threat response requires complete, accurate and timely access to information that can be used to drive decision making. In the case of IT environments, asset and configuration data is the critical information decision makers will need to support threat assessments. Most IT leaders expect and assume the data in their Configuration Management Database (CMDB) is accurate. Unfortunately, for most companies, as much as one-third of the configuration data in their CMDB is missing, incomplete, in-accurate, obsolete or conflicts with other data. If leaders knew how bad their data actually was, then they would probably be nervous about using it – 70% accurate data doesn’t inspire much confidence in decision making.
Fixing reports is not the answer
Many companies respond to this situation by filtering and refining data when it comes from the CMDB to improve the quality and accuracy to an acceptable level to reveal important insights. This often involves merging data-sets, manually reconciling and reviewing reports to filter conflicts and adding missing attributes to a spreadsheet. Not only does this approach require a considerable amount of time, but also it often only achieves 85–90% accuracy, which still leaves a big margin of error in the threat response decision-making process. Because the analysis occurs in spreadsheets and reports, the issues identified and fixes applied to the data aren’t typically returned to the CMDB – meaning the same process will repeat the next time the data is needed.
Improve your CMDB data quality for faster and easier analysis
The solution to this problem is fixing data quality issues as data is entering your CMDB (not as it is exiting). Discovery tools, manual inventory data and external data sources each provide a unique perspective and a partial set of data about your IT environment. Your current CMDB data provides a useful perspective too. The key is determining how to integrate these data sources to assemble the big picture as new data is flowing into your CMDB from these different sources – updating your CMDB records to include the most recent and accurate data available.
Data quality management tools, such as those from Blazent, can help with the threat response process. They use sophisticated algorithms to determine what data is good, what data has changed and what data is missing, so you know exactly what is in your CMDB, and its accuracy. When you’re ready to use the data for decision making, there is less need for the tedious task of manual validation because the source data in your CMDB used for reporting is now accurate. As soon as a threat warning is received, your staff will then be able to understand your risk exposure and confidently advise leadership on what assets are vulnerable and what actions must be taken to keep the company safe.
Data quality management solutions from Blazent can help you achieve as much as 99% accuracy of the asset and configuration data in your CMDB. This is the level of data quality and trustworthiness IT and business leaders expect and on which they depend to make confident decisions when the company’s operations and reputation are being challenged. Learn more about how Blazent will help you understand your potential IT risk exposure here.