By Aunty Malware 

(Editor’s note: Aunty Malware is a real former Fortune 500 CISO who is trying to enlighten the masses without getting sued.)

As firms struggle to gain control of their assets and internal resources they begin to fall behind in strategic and tactical plans.

From a corporate standpoint firms are seriously reviewing what they have in their facilities, organizing their physical and logical assets and ensuring accountability of said assets into central DBs or repositories.  Why?  Accountability, due diligence, regulatory mandates and federal guidelines.

Y2K was an aid by which many firms ensured accountability for their assets and resources from a physical and logical aspect.  Further, Y2K encouraged firms to implement additional resources and assets to curtail a potential disaster.  911 was an awakening, where again assessments and implementations were carried out.

However, in the past 5+ years many have become lax and processes, procedures, change management and the software development lifecycle (SDLC) has suffered, once again plummeting firms back into the overstuffed basement scenario.

2007 could be seen as the year for review and inventory refreshes: cleaning out those wiring closets, pulling out legacy systems, scrubbing stacks of outdated PCs, servers, laptops, cell phones, PDAs.  But as most of us know getting rid of an old pair of jeans is not that easy.  Fine, keep the jeans, even if they don’t fit, but log them into a repository so that you know you still have them just in case you can fit in them again.

(more…)