The Challenge Of Tracking Assets With Limited Resources
Adam Pankow, Cybersecurity Administrator at Extreme Engineering Solutions, is acutely aware of the importance of compliance within a security program. However, since joining in June 2018, a problem facing many organizations was holding Adam back: a clear understanding of exactly what assets were on his network.
“If you ask five different people in the organization what we have on the network or how many assets there are, each one of them will pull up a different tool and give a different answer,” Adam said.
While the problem was known, the solution wasn’t obvious, and compounded further by separate data sources across departments and a lack of sufficient resources. With a smaller security team, Adam found the manual process of asset discovery consuming too much of his team’s time and energy.
“It was extremely difficult. We had to pick multiple sources and comb through each of them, amplifying the amount of work,” he explained.
Addressing Compliance Regulations
With the rising pressure to meet compliance regulations, especially when working with government customers, Adam and his team realized that manually tracking assets was no longer sustainable.
“One of the key pillars of NIST and other compliance frameworks is understanding the scope of your network, understanding what is occurring on it, and being able to efficiently detect things that shouldn’t be on there,” Adam said. “We weren’t able to easily do that.”
Adam decided to reach out to his professional network for advice on how to attack the issue — and the resounding answer was Axonius.
“Everyone I spoke with saw Axonius as the only real tool for the job,” he said.
The “Aha” Moment
As soon as the proof of concept (POC) with Axonius was initiated, Adam and his team were able to see how easy it was to attain a full, comprehensive inventory of all the assets on their network. This drastically reduced the time it had previously taken to dig through a multitude of tools.
Once fully installed, Axonius quickly became a key piece in Adam’s security workflow. By plugging into the Axonius adaptors, Extreme Engineering Solutions is now able to correlate and aggregate data from all of their existing tools. This helps them identify and address unmanaged device concerns to ensure critical compliance requirements.
“The POC alone showed us how many different data sources we have that can be correlated,” said Adam. “We want to be aware of everything that is on our network and know that it is configured in a proper manner. Axonius helps us ensure that, by being able to aggregate all our data sources and then see if a device is improperly configured.”
Beyond a security standpoint, Extreme Engineering Solutions also found the adaptability of the Axonius platform could be utilized in other departments — namely, IT.
“If there’s a device that’s causing disruption, IT has limited access to Axonius, so they can now quickly search and actually figure out where that device is located, without having to check multiple sources,” he explained.
“Axonius’ response time is unmatched – they’re able to turn around a revision or address concerns we have almost immediately” said Adam.
“I’ve been impressed and pleased with the speed of their team, their responsiveness, and their professionalism.” he went on. “Their product answers questions that really should be easy to answer — I didn’t think it was possible for it to be so easy.”
Tim Finnell is the Senior Manager of Global Channel, Customer & Field Marketing at Axonius. Prior to joining Axonius, Tim spent 3 years at Cybereason holding several roles including Inside Sales Representative and Manager, Field Marketing – Eastern U.S. Prior to working in information security, Tim spent time in the Financial Services industry. Tim earned a Bachelor of Science in Business Administration from Northeastern University.