provisioning is the set of all activities required to provide one or more new information services to a user or group of users.
At the heart of provisioning is the imperative to provide these services in a secure manner.
the most essential aspect of securing our information systems is knowing what it is that we are defending.
The International Organization for Standardization published ISO/PAS 28000:2007 as a means for organizations to use a consistent approach to securing their supply chains.
The solution is to have a comprehensive monitoring process that actively searches for these devices and ensures compliance with your organization’s security policies.
The solution to the software asset inventory problem is multifaceted. It starts with an assessment of the legitimate application requirements of the organization.
Here are some of the most widely accepted best practices:
Using Gold Masters
Enforcing the principle of least privilege