We’ve met a number of maturity security teams who appreciated the scope of the problem and decided to address the foundational problem of IT asset management by developing an in-house, custom application to deliver a comprehensive inventory. At the time many of these custom applications were built, no commercial solution existed that could do the same thing.
The advantage of a custom tool is that it accounts for all of your specific tools, the nuances of your environment, and ensures support for your specific use cases.
However, there is an extremely high cost to building — and most of all — maintaining a solution. A solution that comprehensively reconciles inventory data from multiple systems will need to be tightly integrated to multiple tools. The APIs from these tools need to be monitored for changes: as the tools evolve and mature, the richness of the data from the API will grow over time, requiring updates from your custom application.
Further, as the richness and quality of the data from these specific IT tools changes, the relative confidence in the tools’ inventory reporting, or the specific attributes that the tools report will change and this affects how the reconciliation process works.
All of this amounts to a heavy, ongoing maintenance workload to ensure your custom application remains accurate in delivering a comprehensive asset inventory.
Of course, now — a commercial solution exists (and you can learn more about that solution here).
In the next set of videos, we’ll discuss in more detail the capabilities required for an automated IT asset inventory solution, whether built in-house or a commercial solution like Sevco. The first thing we’ll discuss in the video next week is the reconciliation process for devices reported across sources.