Hackmad.com

Wednesday, 20 November 2013

Asset management: Part 1 of many

This morning brought up the perennial problem of managing assets; namely, tracking mobile assets.

At the minimum, I would hope you have an excel spreadsheet with a list of your assets, along with serial numbers, device names, owners and locations etc, that gets updated as and when you require. This becomes impractical for anything more than a few hundred devices and if more than one or two users require access to the "database". We use a commercial product for this that does a reasonably competent job (it uses FileMaker Pro in the backend) and we have asset management stickers on every device as it comes in the door.

We also have Casper, from Jamf software, which is currently being deployed, replacing Cisco Meraki.

However, the list of devices I had were some of the very first mobile devices that were deployed at this site, long before my time here, and they weren't in Casper or Meraki, and the location data assigned in the database was long out of date, having been assigned two years ago and, if not forgotten about, neglected until now.

How do you find a device that is no longer in its listed location?

You can use mobile device location services, such as Find My iDevice, or the equivalent in your MDM of choice, but this only narrows your search to a small geographic location - if your business resides in a large building or multiple buildings across a small geographic area, you'll still need to hunt for it manually.

You can have systems in place where users submit move requests to the asset management team, allowing them to update their databases, but this relies on the user to remember to put such requests in, and adds an extra layer of complexity to something which should be very simple - mobile devices were designed to be taken in and out and across multiple locations. Solutions to IT problems should not come at the cost of inconvenience to users.

My solution would be RFID tags on every device, and RFID readers on every entrance and exit - allowing those managing expensive assets to see at a glance where a device has checked in or out. There are some privacy issues here, and I expect the debate to expand with the market, but it's a technical solution to a human problem, that doesn't otherwise negatively affect the user in any way.

In the long run, the costs of deploying RFID tracking to mobile devices will be significantly less than the amortisation costs of lost assets, but the problem remains selling that initial cost to management. The calculations are there to be done, I'm sure most IT departments have a record of how many devices failed to return from their travels, and can put this total cost against the cost of implementing physical security tagging.

I would be interested in knowing your solutions, both software and hardware based, for managing assets in your environment, in the comments.