Gaining organizational effectiveness
The four key organizational governance steps to maximizing the value that is delivered by Asset are as follows:
- Develop a dedicated change management process. See Change management.
- Define distinct roles and responsibilities. See RACI chart.
- Track operational maturity. See Operational metrics.
- Validate cross-functional alignment. See Organizational alignment.
Develop a tailored, dedicated change management process for asset management, taking into account the new capabilities provided by Tanium.
- Update SLAs and align activities to key resources for Tanium Asset activities across IT Security, IT Operations, and IT Risk / Compliance.
- Designate change or maintenance windows for various asset discovery scenarios (example: setting up Active Directory Query and external data sources, integration with CMDBs such as ServiceNow or Flexera).
- Identify internal and external dependencies to your asset discovery process (example: to achieve effective integrations with the CMDB or Active Directory Query).
- Create a Tanium Steering Group (TSG) for asset management activities to expedite reviews and approvals of processes that align with SLAs.
- Determine frequency of reviews for changes and new information.
- Consider conducting at least a quarterly review of change management process.
A RACI chart identifies the team or resource who is Responsible, Accountable, Consulted, and Informed, and serves as a guideline to describe the key activities across the security, risk/compliance, and operations teams. Every organization has specific business processes and IT organization demands. The following table represents Tanium’s point of view for how organizations should align functional resources against asset management. Use the following table as a baseline example.
|Task||IT Operations||Asset manager||Asset user||Rationale|
Identify Asset scope
|R||C||C||The Tanium platform owner must identify computers that are in scope for Asset. This scope is likely all computers, but a conversation should occur between the CMDB owners and the Tanium platform owners to fully understand scope across both tool sets.|
|Configure supporting tools||R||-||-||The Tanium platform owner rolls out the required Asset Tools (including Indexing capability) to the determined set of computers. The Tanium platform owner also must continually monitor tool deployment and upgrades.|
|Create Asset reports||R||R / C||R / C||The Tanium platform owner and business process owner end user must define the report requirements, then build those reports in Asset for viewing by business owners. The platform owner can configure role-based access control (RBAC) to allow users to view reports, or allow business owners to build read-only reports.|
|Asset RBAC management||R||C||I||The Tanium platform owner must plan and implement appropriate Role Based Access Controls to allow other business units to access and create reports and views.|
|Enable tracking of products||C||R||C||If Software Inventory & Usage is configured, the platform owner can enable the business owners to align to the identified vendors and products in Asset or the CMDB.|
|Collect defined data||I||I||I||Tanium Asset collects asset data based on defined requirements and configurations.|
Successful organizations use Tanium across functional silos as a common platform for high-fidelity endpoint data and unified endpoint management. Tanium provides a common data schema that enables security, operations, and risk/compliance teams to assure that they are acting on a common set of facts that are delivered by a unified platform.
In the absence of cross-functional alignment, functional silos often spend time and effort in litigating data quality instead of making decisions to manage software and hardware assets.
Managing an asset management program successfully includes operationalization of the technology and measuring success through key benchmarking metrics. The key processes to measure and guide operational maturity of your Tanium Asset program are as follows:
|Usage||How and when Tanium Asset is used in your organization|
|Automation||How automated Tanium Asset is, across endpoints|
|Reporting||How data from Asset is consumed by people and systems within the organization|
In addition to the key asset processes, the key benchmark metrics that align to the operational maturity of the Tanium Asset program to achieve maximum value and success are as follows:
|Executive Metrics||Key Vendors with Tracked Products||Unused Tracked Products|
|Description||The key vendors with tracked products||The tracked products that are not being used|
|Instrumentation||Software Inventory & Usage > All Vendors||Software Inventory & Usage > All Products|
|Why this metric matters||Key vendors with a cost associated with them that do not have any tracked products are a detriment to the value provided by Asset, especially when it comes to software utilization. Cost-significant products should be tracked.||The metric demonstrates the usage and effectiveness of software the company has determined is worth tracking on a per user level. Unused software licenses can be reclaimed.|
Use the following table to determine the maturity level for Tanium Asset in your organization.
||Custom sensors created for use, and new attributes added from custom sensors||Destinations (ServiceNow or Flexera) and external sources are configured, providing enrichment and context to Asset endpoint data||
|Automation||Import schedule configured, assets are visible||
|Reporting||Manual; Asset workbench and dashboard for Operators only||Manual; Asset reports using integration details||Automated; exporting scheduled reports to file / email / SQL||Automated; CMDBs receiving data from Tanium Asset for reporting||Automated; CMDBs receiving data from Tanium Asset for reporting, including any third-party products with the Tanium Asset API|
|Metrics||Key Vendors with Tracked Products||70%||80%||90%||95%||98%|
|Unused Tracked Products||50%||40%||30%||20%||5%|
Last updated: 8/3/2021 9:08 AM | Feedback