TOPIC: Operations

IT Asset Management - Help secure your environment and save money, too!

Do you keep an accurate and up-to-date inventory of your IT assets?  If not, you may be wasting money and decreasing your overall IT security posture. One of the most important aspects of managing your IT environment is knowing what you have.  Inventory all IT assets: desktops, servers, printers, network attached cameras, routers, switches, firewalls – if it plugs into the network, inventory it.  Use this list to make sure all assets are included in the controls you have in place, such as Active Directory, antivirus, DNS, patch and vulnerability management, and log management.  These are all critical functions that depend on having a good inventory to work from, and a system that was missed because it wasn’t in the inventory increases the overall risk to your environment.  Keep your inventory updated with scheduled periodic reviews, and as changes to your environment occur.   From a financial perspective, poor inventory management could lead to issues such as continuing to pay for maintenance or licensing on a system that was decommissioned years ago or leaving a long-gone system on the books.  The finance folks just love it when that happens!  (Protip: They do not love this.) Proper IT Asset Management is a regulatory requirement in many industries, and scales well beyond these basics.  Ensuring you have an accurate inventory is always the starting point.

    Unperfected Liens to Total loans ratio

    Employee at a credit_union ($1.3BUSA)
    At my institution, Loan operations has an internal goal to have 99% of all loans perfected in the first 90 days after origination. Meaning it is their goal to keep the ratio of 90+ day unperfected liens to total loans at under 1%. Our 'unperfected lien' ratio was around 0.9% pre-COVID and is currently around 1.1% primarily due to COVID slowing things down this year. 

    Is our stance comparable with industry standard best practices? Is 90 days to perfect a lien reasonable? Is having 1% of loans be unperfected reasonable as long as efforts are continued to get the lien perfected?

    Thank you!

      Don't Suffer from Alert Fatigue

      We live in a busy, and often stressful world.  With most of us carrying around at least one always-connected device, we are constantly bombarded with notifications, reminders, and pop-ups from apps trying to get our attention.  It can quickly become overwhelming, resulting in us either quickly dismissing notifications without looking twice, or just ignoring them completely until we get in and clear them out.

      For those poor souls out there responsible for maintaining or securing servers and networks, you have even more alerts to watch and worry about.  From backup jobs completing, to another port scan on the firewall, inboxes can quickly fill with hundreds, if not thousands of emails…and we just don’t have time to read them all.

      Just about any modern application can send alerts, and they serve an essential function, reaching out and letting us know when something important has happened.  The problem can arise when we just turn on all the alerts, and quickly have so many they all blur together and we wind up with a folder (or 20!) full of unread notifications.  Missing that one alert you really needed to see in all the noise is a very real danger.

      Email notifications are supposed to save you time, so it’s time to make them start working for you.  Here are a few quick suggestions:

      • Simplify things as much as possible.  Don’t let your alert inbox folders become a log location.  You should have a SEIM or log aggregation server for that. (You do have one, right?!)  Log everything, but most applications allow you to pick and choose what events you get emails for, so be choosy.  Only setup emails for things you want to see immediately.
      • Inevitably, you will get notifications for things that are not what they seem and are probably not issues.  Either tweak these so you don’t get alerted on non-problems or turn them off.
      • If you routinely get alerts on the same recurring problem, where possible just fix the problem in question.   Procrastination will get you used to ignoring alerts and can make it easier to miss the important things.
      • If you have simplified as much as possible, and still have a bunch of emails to go through (or ignore!) each day, consider creating rules to help you parse and bubble the interesting ones up to the surface.  With most email clients you can create rules to move messages, set colors, and other helpful things to make your life easier!