Computer Baselines

    Security, for many, seems hard to do right.   I know that we all think about firewalls, patch
management, antivirus and physical security.  
But I like to cover an area that does not get focused on by most
companies.

     Baseline and inventory of computers on a network are often overlooked.  I ask all the time, “Do you know what the
computers are in your network?  What are
the services that are running?  What
ports are open?  Who uses the
services?  Who are the users?”

    For the most part, I hear “Uh, no. We don’t know.”   If you do not know what’s running on your
systems, how will you know what changed if someone breaks into your network?  How will you know?  I believe that you need to create a master
file (portfolio) that lists what the computers/servers are doing; what tasks/services
are being run; what ports are open; who is the owner of that application; who
are the users; what are the data backup requirements, 1 a day, once and hour ?;
and finally, who maintains master file (portfolio)?
    If you have this as minimum documentation you can then do a
risk assessment and identify all the systems and prioritize what needs to be
monitored and controlled.