How to approach baselining for better asset security

A detailed baseline provides an accurate picture of an asset and its configuration. Controlling changes to asset baselines is essential to maintaining and validating the integrity of systems. Without proper documentation of system configurations, administrators may overlook anomalies as being normal. Further, when change management is applied to asset baselines, abnormal behavior, processes, or modifications will be identified much quicker than if no oversight is performed.

Baselining begins with information identification because organizations must know what to protect in order to protect it (say that ten times fast). Proper identification of all assets will enable organizations to establish priorities based on criticality, with a clearer picture of the assets within their base. In addition, assets must be identified for proper labeling. This ensures that all versions and changes are documented and kept up-to-date.

Version management is the process of maintaining an archive of previous baselines. By maintaining archives of previous versions, newly installed baselines can be rolled back in case of failure of unsuspecting errors. This is also necessary to compare the effectiveness of baselines over time and for accountability and auditing purposes. If version management isn’t practiced, rollback won’t be available and versions may get mixed up—this is why labeling is important.

Labeling is an essential task in baselining because it ensures that each asset is properly identified and documented. Labeling should be conducted using a hierarchical approach to document and track each version, their configurations, and controls. With a hierarchical approach, correlation between assets, their functions, and location will be much clearer if labeled properly. In addition, labeling also preserves the “family tree” of an asset base.

Management buy-in is important for baseline management because assets require continuous updates and forward planning. Maintaining baseline integrity is a commitment made by the organization and requires management buy-in to ensure ongoing and accurate baselining. Through collaboration, organizational departments can cohesively provide checks and balances that complement the audit process.

Baselining is an important part of an information security framework. Through baselining, an organization will be able to accurately identify all risks and implement countermeasures to protect sensitive assets. Knowing the baseline of all assets and controlling change through versions and labeling are all facets that make up an effective information security posture. Since information security encompasses many components that together create a strong security posture, baselining is merely one layer in an strong defense-in-depth strategy.