Security Control 1:
Inventory of Authorized and Unauthorized Devices

Reduce the ability of attackers to find and exploit unauthorized and unprotected systems: Use active monitoring and configuration management to maintain an up-to-date inventory of devices connected to the enterprise network, including servers, workstations, laptops, and remote devices.

Key: REQ = Required, REC = Recommended, OPT = Optional

ID | Details | High | Med | Low

1.1  Maintain an asset inventory of all systems connected to the network and of the network devices themselves.

Additional details: Record at least the network addresses, machine name(s), purpose of each system, an asset owner responsible for each device, and the department associated with each device. The inventory should include every system that has an Internet Protocol (IP) address on the network, including but not limited to desktops, laptops, servers, network equipment (routers, switches, firewalls, etc.), printers, storage area networks, and voice-over-IP telephones.

High: REQ   Med: REQ   Low: REQ

1.2  The asset inventory must also record whether each device is portable.

Additional details: Devices such as mobile phones, tablets, laptops, and other portable electronic devices that store or process data must be identified, regardless of whether they are currently attached to the network.

High: REQ   Med: REQ   Low: REQ

1.3  Develop an inventory of information assets that identifies the critical information each holds and maps that critical information to the hardware assets (including servers, workstations, and laptops) on which it is stored.

Additional details: A department and an individual responsible for each information asset should be identified, recorded, and tracked.

High: REQ   Med: REQ   Low: REQ

1.4  Ensure that network inventory monitoring tools are operational and running continuously: keeping the asset inventory current in near real time, checking the devices actually present on the network against the expected inventory, and alerting security and/or operations personnel when deviations are discovered.

High: REC   Med: OPT   Low: OPT
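As an added example (not part of this standard or of any inventory product), the following Python script shows the reconciliation step that 1.4 describes, using the record fields required by 1.1 and 1.2. It loads a constructed inventory, parses a constructed list of live hosts, and reports four kinds of deviation: devices seen on the network that are not in the inventory, non-portable inventoried devices that have disappeared, hosts whose reported name no longer matches the record, and inventory records missing a required field. Every IP address, hostname, owner and department is made up, and the discovery input is a generic "ip mac hostname" line rather than any particular tool's output format.

```python
"""Reconcile a device inventory against the hosts actually seen on the network.

All data below is constructed for this example. Columns follow controls 1.1/1.2.
"""
from __future__ import annotations

import csv
import io
from dataclasses import dataclass

# Constructed sample inventory (fields from 1.1 plus the 'portable' flag from 1.2).
INVENTORY_CSV = """\
ip,hostname,purpose,owner,department,portable
10.20.1.10,fw-edge-01,perimeter firewall,n.okafor,Network Services,no
10.20.1.20,srv-hr-db-01,HR database server,l.meyer,Human Resources,no
10.20.1.31,ws-fin-07,finance workstation,a.patel,Finance,no
10.20.1.40,prn-floor2-01,network printer,facilities,Facilities,no
10.20.1.55,lt-sales-12,sales laptop,,Sales,yes
"""

# Constructed list of live hosts in a generic "ip mac hostname" form. This is not
# the output of any real scanner; adapt parse_observed() to your tool's format.
OBSERVED_HOSTS = """\
10.20.1.10 00:11:22:33:44:01 fw-edge-01
10.20.1.20 00:11:22:33:44:02 srv-hr-db-01
10.20.1.77 de:ad:be:ef:00:01 raspberrypi
10.20.1.31 00:11:22:33:44:03 ws-fin-07-old
"""

# Fields 1.1 says every record must carry.
REQUIRED_FIELDS = ("ip", "hostname", "purpose", "owner", "department")


@dataclass(frozen=True)
class Device:
    ip: str
    hostname: str
    purpose: str
    owner: str
    department: str
    portable: bool


def parse_inventory(text: str) -> dict[str, Device]:
    """Load the inventory CSV into a dict keyed by IP address."""
    devices: dict[str, Device] = {}
    for row in csv.DictReader(io.StringIO(text)):
        devices[row["ip"]] = Device(
            ip=row["ip"],
            hostname=row["hostname"],
            purpose=row["purpose"],
            owner=row["owner"],
            department=row["department"],
            portable=row["portable"].strip().lower() == "yes",
        )
    return devices


def parse_observed(text: str) -> dict[str, tuple[str, str]]:
    """Parse 'ip mac hostname' lines into {ip: (mac, hostname)}; skip malformed lines."""
    seen: dict[str, tuple[str, str]] = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        ip, mac, hostname = parts
        seen[ip] = (mac.lower(), hostname)
    return seen


def reconcile(inventory: dict[str, Device], observed: dict[str, tuple[str, str]]) -> dict[str, list[str]]:
    """Compare expected inventory with live hosts and classify each deviation."""
    findings: dict[str, list[str]] = {"unknown": [], "missing": [], "renamed": [], "incomplete": []}
    for ip, (mac, hostname) in observed.items():
        dev = inventory.get(ip)
        if dev is None:
            findings["unknown"].append(f"{ip} ({mac}, reports hostname {hostname!r})")
        elif dev.hostname != hostname:
            findings["renamed"].append(f"{ip}: inventory says {dev.hostname!r}, host reports {hostname!r}")
    for ip, dev in inventory.items():
        # A fixed device that has gone quiet deserves a look. A portable device
        # being off the network is normal (1.2), so it is not reported as missing.
        if ip not in observed and not dev.portable:
            findings["missing"].append(f"{ip} ({dev.hostname}, owner {dev.owner})")
        blank = [f for f in REQUIRED_FIELDS if not getattr(dev, f).strip()]
        if blank:
            findings["incomplete"].append(f"{ip} ({dev.hostname}): no {', '.join(blank)} recorded")
    return findings


def alerts(findings: dict[str, list[str]]) -> list[str]:
    """Flatten findings into one alert line per deviation for a ticket or SIEM."""
    return [f"[{kind.upper()}] {item}" for kind, items in findings.items() for item in items]


if __name__ == "__main__":
    result = reconcile(parse_inventory(INVENTORY_CSV), parse_observed(OBSERVED_HOSTS))
    for line in alerts(result):
        print(line)
```

Run against the constructed data, the script flags the unregistered 10.20.1.77, the printer at 10.20.1.40 that is no longer answering, the renamed finance workstation, and the sales laptop record with no owner; the laptop itself is not reported missing because it is marked portable. In practice the same comparison would run on a schedule against real discovery output (DHCP leases, switch MAC tables, or an active scan) and feed its alert lines to the operations or security queue.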

1.5  Secure the asset inventory database and related systems. Limit access to these systems to authorized personnel only, and log all such access.

High: REC   Med: OPT   Low: OPT

1.6  Use Network Access Control (NAC) technology to authenticate and authorize devices before allowing them on the network.

Additional details: Admission decisions should rest on device credentials or certificates (for example, 802.1X) rather than on MAC addresses alone, which are trivially spoofed.

High: REC   Med: OPT   Low: OPT

Additional Reading