3 min read

ITAM - What it is and why should providers care

By Prime Care Tech Marketing on Tue, Jul 19, 2011 @ 02:59 PM

ITAM covers all IT assetsPersonal productivity devices, such as desktops, laptops, smartphones, and tablet PCs, and the data they generate and retrieve have contributed to a wealth of information and…risks for Long Term Care. If Information Technology (IT) managers are unable to monitor, manage, and protect productivity devices, software distribution, and how information is exchanged and filed, providers run a considerable risk of data loss, non-compliance, and potentially fatally damaging their operations. Implementing sound hardware and data management practices is the responsibility of all providers. IT Asset Management (ITAM) embraces the technology and best practices that can help IT Managers with this critical task.

What is asset management?

ITAM encompasses mostly the hardware components of the IT infrastructure and its interconnected computers - in other words, everything that supports the flow and processing of information. Consider, for example, data and computers. What IT assets do you have? Where are they? Who has access to them and who is using them? What is the lifecycle of each? What are the procedures for safeguarding each? What is the most cost-efficient method for tracking and maintaining them? One way to look at this challenge is to consider that IT is a business within a business. ITAM is the specific method and tools you employ to manage that business. It is 80% systems and 20% tools.

Why ITAM?

A few years ago, Patricia Adams, Research Director, Gartner Research, identified five drivers toward IT asset management:

  • Software license compliance. Most vendor contracts authorize compliance audits. The Business Software Alliance (BSA) is now offering rewards of up to $200,000 for qualified piracy leads.
  • ITIL (IT Infrastructure Libraries). ITIL outlines an extensive set of management procedures that are intended to support businesses in achieving both quality and value, in a financial sense, in IT operations.
  • Cost control. This includes the cost of IT labor, purchasing, and managing device complexity.
  • Asset security. This involves monitoring and managing asset displacement and network assets.
  • Operational efficiency. With ITAM, most facets of your business run more smoothly.
    Neglecting ITAM can be risky?

In the absence of ITAM, LTC providers are at risk. They may suffer unauthorized access to or the loss or corruption of critical business information and EPHI (electronic protected health information). The impact of such could include liability risks, poor public relations, including diminished shareholder value and goodwill, exposure to and during law suits, and a significant disruption in the conduct of business.

A disruption in business, for instance, will likely involve non-productive time, even downtime resulting from non- or mal-functioning equipment, critical documentation missed or erroneously recorded, missing files, emails not received, and an inability to send MDS or other claims. Providers may also experience loss of continuity in the form of missed deadlines or poor communications. By not managing computing devices, users may download unauthorized applications or updates which can introduce software incompatibilities, even viruses or other malware.

The risks can be costly

Providers also risk increased or unnecessary costs. Malfunctioning IT assets mean upset users; upset users mean increased support calls, which can be costly in terms of needed help desk resources to handle such calls. In the absence of ITAM, providers may have to unnecessarily search out and recover lost data/files. In recovering lost files, providers experience down time and fees associated with archived data retrieval, assuming the data/files can be found. Additionally, lost/misplaced inventory, unnecessary repairs, or necessary repairs not addressed, can also disrupt the day-to-day flow of business.
Other risks include exposure to software licensure and regulatory non-compliance which may result in significant fines/penalties.

Conclusion

An organized and well executed ITAM program is a sound business investment – a practice that should not be ignored.

Question

  • In the absence of ITAM, what other risks do businesses/providers run?
  • What have you implemented to manage your IT assets?

Next Time

In future blogs we’ll discuss ITAM best practices and tools available today through the cloud. Until then, write, if you get a round to IT.

Topics: IT infrastructure computer protection IT asset management ITAM
2 min read

Viruses, Worms, Trojan Horses - How to be Without the Enemy Within

By Prime Care Tech Marketing on Wed, Oct 27, 2010 @ 05:35 PM

If you access the Internet or receive email, you're computer will be subject to electronic infection. Left unchecked and uncorrected the damage these electronic infections inflict can be devastating. But what are these electronic infections? What can they do and how are they propagated? The three main categories of electronic infections are viruses, worms and Trojan horses.

A virus is a small piece of software that piggybacks onto real programs. For example, a virus might attach itself to a spreadsheet program. Each time the program runs, the virus reproduces itself (by attaching to other programs) or wreaks havoc directly. Once it is running, it can infect and spread to other programs or documents.

Most viruses also have some sort of destructive attack phase. A trigger will activate this phase and the virus will "do something," ranging from printing a silly message on the screen to erasing all of your data. The trigger might be a specific date or the number of times the virus has been replicated.

A worm is a computer program that has the ability to copy itself from machine to machine through computer networks. To infect a machine, a worm usually exploits some sort of security hole in software or the operating system.  Each time a worm finds an unsecured server or PC, the worm will copy itself to that server or PC. The new copy then scans for other servers or PCs to infect. Depending on the number of unsecured servers, a worm could conceivably create hundreds of thousands or even millions of copies in very little time.

Worms cause damage by using up computer time and network bandwidth when they are replicating. One such worm was called the Slammer worm. It essentially ground the entire Internet to a halt by sending out millions upon millions of packets of meaningless information which jammed critical Internet servers causing corporate email systems to crash and various web sites to become unresponsive. Other times a worm may replace web pages or generate excess traffic to a particular web site in order to overwhelm it. 

A Trojan horse is a computer program, which, as the name implies, claims to do one thing such as a game, but instead does damage when you run it (i.e. erasing your hard disk). Trojan horses are almost always designed to do harmful things, such as erasing or overwriting data, corrupting files in a subtle way, setting up networks of zombie computers in order to launch DDoS attacks or send spam, spying on the user of a computer, logging keystrokes to steal passwords and credit card numbers, "phishing" for bank or other account details, or installing a backdoor on a computer system to enable unauthorized access by hackers. Trojan horses get around through email, web sites, other infected programs, or through open ports on the network.

Topics: virus computer protection

Featured

Posts by Tag

See all