TalkTalk could learn a thing or two about security through SAM

Communications giant TalkTalk recently announced that it has suffered a cyber-security breach, and that over four million customers' details (including sensitive information) have been leaked to the hackers, writes David Foxen.

A group calling themselves ‘Russian Jihadist hackers’ have claimed responsibility, and also claim they have the four million customers' details at their fingertips.

Hindsight is a wonderful thing, but how could software asset management (SAM) have helped in this situation?

SAM & IT Security

The biggest way in which SAM can help security is through accurate data and reports, with information such as:

  • Software versions. How old is the software? Is it still supported?
  • Levels of patching for operating systems. Are the servers on the latest patch?
  • ‘Blacklisted’ software applications. Unapproved software that should not be on the network
  • Unapproved hardware assets. Laptops, mobile devices, other devices that have been connected to the network that should not have been
  • Security software. Is it working? Is it up-to-date?

Providing this information and actively managing the above data could potentially (a key word) have helped TalkTalk at least prepare for such an attack. We do not know the ins and outs of their SAM function, but the reaction from the business and CEO shows that they were caught off guard by this attack and were not aware of the security flaws their organisation had. Maybe they need to increase the maturity of their SAM structure?

Preventing cyber attacks - SAM is on team defense!

There needs to be a link between SAM and IT security anyway, as SAM can be a valuable asset through other forms of data it can provide. Through SAM, TalkTalk could have been made aware of any ‘alien’ applications that have been installed on their network; software that could pose a security risk.

Unfortunately, there are a number of applications that have been developed whose sole purpose is to harm an organisation’s infrastructure or business as a whole, and some can have innocent-looking names. All new installs of non-approved software should be flagged by the SAM team and passed on to security for further investigation.
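As an added illustration (not code from the original post), the software-side checks listed earlier and the flag-and-escalate step above can be run as one pass over a SAM inventory export. Every product name, host, date and threshold below is constructed sample data, and the record layout is an assumption.

```python
from datetime import date

# All names, versions, dates and thresholds are constructed for illustration.
APPROVED = {"Firefox", "ExampleDB", "ExampleAV"}
BLACKLIST = {"RemoteHelperX"}
END_OF_SUPPORT = {("ExampleDB", "5"): date(2023, 6, 30)}  # (product, major) -> date
SECURITY_AGENT = "ExampleAV"
MAX_UPDATE_AGE_DAYS = 7
TODAY = date(2024, 3, 15)

# (host, product, version, date the install was last updated)
INVENTORY = [
    ("srv-web-01", "ExampleDB", "5.1", date(2022, 2, 1)),
    ("srv-web-01", "ExampleAV", "3.2", date(2024, 3, 12)),
    ("lap-042", "Firefox", "123.0", date(2024, 3, 1)),
    ("lap-042", "RemoteHelperX", "1.0", date(2024, 3, 10)),
    ("lap-042", "ExampleAV", "3.2", date(2024, 1, 20)),
    ("lap-077", "PdfToolFree", "2.3", date(2024, 3, 9)),
]

def triage(inventory, today):
    """Return (host, product, reason) findings to pass on to the security team."""
    findings, protected = [], set()
    for host, product, version, updated in inventory:
        if product in BLACKLIST:
            findings.append((host, product, "blacklisted"))
        elif product not in APPROVED:
            findings.append((host, product, "unapproved"))
        # Approved software can still be out of vendor support.
        eos = END_OF_SUPPORT.get((product, version.split(".")[0]))
        if eos and eos < today:
            findings.append((host, product, "unsupported"))
        if product == SECURITY_AGENT:
            protected.add(host)
            if (today - updated).days > MAX_UPDATE_AGE_DAYS:
                findings.append((host, product, "security-stale"))
    # Hosts that appear in the inventory with no security agent at all.
    for host in sorted({row[0] for row in inventory} - protected):
        findings.append((host, SECURITY_AGENT, "security-missing"))
    return findings

if __name__ == "__main__":
    for finding in triage(INVENTORY, TODAY):
        print(*finding, sep="\t")
```

The unapproved-hardware check is not covered here, since it needs network discovery data rather than a software inventory.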

Basic SAM can help flag up potential issues before they get to this stage. SAM can’t stop cyber-attacks, but it can help prevent them.

David Foxen

David Foxen, aka SAMBeast, is currently a Software Asset Manager for a large retailer. He has previously worked as an ITAM Director for the world's most respected ITAM publication, Global SAM Manager for a large design and architecture firm, a world-wide bank and local government. He has successfully implemented SAM in a number of different environments and has implemented a number of SAM tools. David is a massive ITAM geek, so uses any opportunity to talk about the subject to whoever will listen!
