No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

The Expanding Role of Technology Asset Management (TAM) in Corporate Compliance

by Mark Gaydos
January 4, 2019
in Compliance
map of connected devices on a network

Why It’s Time for a Next-Gen Solution

As organizations’ computing infrastructure expands, legacy asset management systems are becoming inadequate. To keep pace with this technological change – and remain compliant – companies must adopt a next-generation approach. Mark Gaydos of Nlyte discusses.

Imagine being charged by your cable company for movies you never watched. How about being charged an extra $100 dollars on your monthly electric bill for energy consumed by devices that are not plugged in? When these companies come after you for money, how can you prove that these charges are incorrect? Corporations utilizing licensed software or rented servers face similar situations. Without the use of asset management to identify hardware and software assets that are being utilized – or not utilized – it is nearly impossible to track and manage all your IT assets.

For foolproof corporate compliance, organizations must have in place a technology asset management (TAM) solution that will provide full transparency, enabling the company to determine if it is spending too much on maintenance or license costs, and providing insight into how many servers are actually up and running. When hardware and software vendors come knocking on your door looking for money, TAM will prove you are in the “right” and validate your defense.

Software and hardware companies are not forgiving; they make a living off renting licenses and applying maintenance fees. Corporations neglecting asset management will face stiff penalty fees for not operating within compliance. To avoid these risks and ensure companies pass vendor audits, TAM can help optimize asset usage and cut down on all those unnecessary maintenance costs by discovering what is actually being used and what can be taken off the network.

With full transparency and an in-depth view of the entire IT infrastructure, TAM can play a significant role in helping organizations define and control the entire IT infrastructure. Aside from reducing unnecessary IT spending, TAM also supports ITIL processes and identifies problems or changes to hardware and software systems. This, in turn, will help identify any impact while also assisting with the reduction of legal and security risks.

Simply put, you cannot afford the risks associated with a vendor audit. A company’s defense of “I had no idea” won’t fly. The penalties for noncompliance can be as much as $30,000 per incident, because vendors view these actions as stealing their property – a criminal activity worth prosecuting.

The key to avoiding these risks is to create a process and put systems in place that ensure full transparency and identify what assets are currently in place, who is using them and where they are located on the corporate network. With organizations’ computing infrastructure expanding beyond the data center to edge, co-location and cloud, legacy asset management systems are no longer adequate.  IT asset management is too big of a task to be trusted to an antiquated approach. Companies need to turn to next-generation technology to get their arms around this ongoing challenge and avoid the painful legal negotiations to reduce penalty fines.

The next-generation technology is all about the discovery. Technology asset management discovery is either “agent-based” or “agentless” – the difference being that an agent-based discovery approach needs to be loaded on every single asset connected or running on the network to share information with the discovery tool. For an agentless process, there are no agents loaded; instead, the tool profiles all connected devices and software running on the network to look for a match to a previously existing asset. Either way, this discovery process must ensure that all assets deemed most critical to an organization, such as servers, switches, laptops, desktops, medical devices and even IoT devices, are properly profiled. With a thorough discovery process, organizations can understand what information is necessary to avoid penalties.

In order to avoid noncompliance and recurring vendor penalties, organizations need a solid TAM reporting system that can be viewed as the single source of truth to compare what the vendor believes you have and what is actually connected or running on your network. In addition, this report should clearly document what other systems-of-record and individuals within your organization should have access to certain hardware and software items. This type of in-depth reporting provides a complete reality check so that organizations have a firm negotiation tool against any claims of wrongdoing.

Cloud services, virtualized devices, edge computing and IoT-connected devices have scaled the infrastructure’s reach far beyond the means to manually identify and keep track of everything connected to or running on the network. Significant penalties await companies who ignore their IT infrastructure to the extent they no longer have full visibility into their operations. The “mea culpa” defense can’t help organizations avoid the wrath of vendors. The next-generation TAM solutions are a “must-have” defense for organizations to automatically discover and report on all software and hardware connected to their network.


Tags: Cloud ComplianceInternet of Things (IoT)Technology
Previous Post

Follow the Money: The Polycom and Eletrobras FCPA Enforcement Actions

Next Post

The Secret Reason You’re About to Fail Your IT Audit

Mark Gaydos

Mark Gaydos

Mark Gaydos is Chief Marketing Officer at Nlyte, where he leads worldwide marketing and sales development. He oversees teams dedicated to helping organizations understand the value of automating and optimizing how they manage their computing infrastructure. Mark has more than 20 years of enterprise software marketing experience helping technology companies establish leadership and rapidly grow revenue. He previously served as the SVP of marketing at Engine Yard and has held a variety of executive marketing roles at enterprise companies such as Oracle, SAP, and Engine Yard. Mark has an M.B.A. in management science from San Diego State University and a B.A. in economics from the University of California, Santa Barbara.  

Related Posts

data spillage

Instead of Crying Over Spilled Data, Shore up Your Governance Practices

by Rich Hale
October 12, 2022

The reputational damage and compliance failures that result from a data spillage incident are well-known, and as the volume of...

regulatory storm

The Regulatory Storm Is Coming. Compliance Can Help Tech Leaders Batten Down the Hatches

by Stuart Breslow
September 14, 2022

The “move fast and break things” mentality that serves tech entrepreneurs well when they’re getting their companies off the ground...

amazon web services

Dark Clouds: Capital One Proves Financial Institutions Can’t Rely on Providers for Security

by Michael Volkov
September 7, 2022

Going by the online handle “erratic,” a former Amazon software engineer conducted an extensive hacking scheme that gave her access...

logicgate black kite integration

LogicGate Risk Cloud Adds Black Kite Integration for Third-Party Risk Management

by Corporate Compliance Insights
March 30, 2022

LogicGate’s Risk Cloud compliance platform has added integration with Black Kite, which offers cyber ratings, Open FAIR financial risk quantification,...

Next Post
man holding head in front of large grade F

The Secret Reason You’re About to Fail Your IT Audit

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT