What is asset management?
Asset management is a system and process that records and tracks all high value assets in an organisation. Inside the data centre, that means all equipment with the exception of leads. Even disk drives, that hold critical business data should be recorded.
The risk of not properly recording and tracking assets can be expensive. A major telecommunications company recently carried out an audit at two data centres. It soon became apparent that their asset register was significantly out of date. Eventually it took over five months to reconcile the asset register with what physical equipment could be located.
Not only was there a vast amount of missing equipment and a significant amount of equipment not listed on the asset register, the whole exercise resulted in a six figure write-down to the fixed asset register. The result has been a complete overhaul of governance, purchasing processes and asset control mechanisms.
Start with an asset management database
Every enterprise has an asset management register. These days, it should be more properly called an asset management database. Each record holds the details of one asset and shows where it is currently held. When talking about a computer rack, a car or a photocopier, this works well. Each asset is large, cannot be broken into multiple usable pieces and can be easily tracked.
When the asset is a server, there are a number of key components that need to be tracked and recorded. It could be the hard disks if this is a storage device. Alternatively it could be the processor units if the asset is a mainframe. For blade servers, it could be the chassis, the blades, the power units or even the network switches.
To deal with multiple components, older asset management databases may need to be replaced or redesigned. They will need to support the smaller asset size and the potential frequency of movement. Where the asset is a disk containing critical data, there must be other security protocols in place to make it harder to lose or steal.
Asset tags
An asset tag is a unique number applied to a piece of hardware. It might seem reasonable to use the serial number of the hardware but these can be scratched off or removed. An asset tag at its simplest, is just a sticky label attached to the asset. It uses special adhesive that makes it virtually impossible to remove. Should the label be removed, there will always be some form of residue left behind.
The current best of breed asset tags use radio chips. Some are RFID enabled, others use InfraRed (IR). This make it much easier to track assets as they move around the data centre. They also provide an opportunity for data centres to sell additional security services to customers.
One value add service would be to track assets as they are moved around the data centre. Engineers and operations teams may move equipment as part of a maintenance programme. Tracking where an asset has been moved to, when it was moved and linking that back to work orders is a powerful auditing tool. At the same time, it makes it very easy for engineers to see where equipment is before entering the data centre to maintain it.
Most data centres use mantraps to prevent equipment being removed without permission. This is fine for large items but something as light as an SSD drive is hard to detect. Another value added service would use the radio enabled asset tag to detect any attempt to remove an SSD from the data centre. For highly sensitive data, this is a bonus security option.
The challenge with implementing this level of security is the cost and size of the asset tags. An asset tag on a server or switch is irrelevant in terms of size. An asset tag on an SSD drive or any hard disk is large and with the very low tolerances inside storage arrays, may well be a problem. When you look at the problem of an asset tag on a USB device, it becomes unworkable.
Innovation solves many problems
The solution is in the hands of the asset management vendors and is not insurmountable. Near Field Communication and RFID chips are already installed in credit cards and passports. WiFi enabled SD memory cards are available for cameras and other devices. Adapting the technology to create a new generation of asset management tags is a relatively simple process.
At the same time, there needs to be pressure put on device manufacturers to install better asset management in the box. Hard disks, both spinning and SSD and USB drives could easily have the right communication technology built in that could then be integrated into asset management solutions.
There are already good examples of innovation by asset management vendors. Some solutions provide a system that uses a socket strip down the side of the rack which is linked to a tag on the server. Press a button to release the server from the socket strip activates a sensor that records the asset has been moved. When a new device is installed, the sensor is triggered again, interrogates the asset tag and records the new asset in the rack.
Data centre infrastructure management
While an asset tracking sensor grid can be installed inside the data centre, most companies already have alternative options. These options come as part of their Data Centre Infrastructure Management (DCIM) systems.
DCIM is a combination of data from IT systems and facility management systems to provide a managed view of the data centre. Every DCIM deployment consists of a range of sensors, hardware and software. It is used to manage the physical security of the data centre as well as track power usage and essential facility components.
When looking at the DCIM market it is noticeable that the majority of vendors lack their own asset management solutions. Customers should not be surprised by this. DCIM solutions are designed to take inputs from a range of sensors and management software.
One of the goals at Cannon Technologies has been to support the integration of the signalling from a lot of different vendors’ asset management tags into our DCIM products. This makes it easy for us to track assets using our existing sensor arrays in the data centre.
For example, we provide a lot of video security systems to customers with very sensitive environments. Should a high value asset be moved and trigger an alert on a sensor, we could insert that alert into the video stream so that the customer would have an audio, video and security log record.
Tracking can be integrated with other security options. Biometric aisle and cabinet locking solutions come with robust audit and history logs. Integrating the asset management alerts into this ensures that any movement of an asset can be tracked in time and space. This level of tracking and management far exceeds what customers could achieve with any other solution on the market today.
Not every customer has created a joined up asset management and DCIM solution for their environment. This is because asset management has historically not been part of the responsibility for the data centre management team. Instead, it has been partly owned by IT and partly by the facility management team. As a result, there is often confusion as to who is really responsible.
DCIM has proven that it can bridge the gap between facility teams and IT, delivering a solution that both parties are happy with. This means that instead of trying to build a new system for asset management that is separate from DCIM makes no sense.
An integrated approach offers a much higher level of security and asset protection because it takes advantage of the existing DCIM sensor grids. It also drastically reduces costs by delivering operations teams with a single product and removes the need for retraining. As a result, teams are up to speed quicker and are less likely to miss key alerts.
Conclusion
High value physical assets in the data centre have to be carefully tracked and recorded to reduce the risk of theft. Where those assets are portable, such as USB and SSD drives, there is a compliance requirement on the organisation to ensure that it tracks and protects not just the asset but also the data that is stored on that asset.
Rather than build new systems, data centre teams can quickly extend their existing DCIM solutions to provide asset management protection. This reduces both the overlap between systems and the risk of assets not being properly recorded or tracked.
With an increase in the personal data and intellectual property being stored inside data centres, the idea of what is an asset is changing. This means that traditional solutions that simply recorded a server, switch, PDU or even a rack as the key asset are no longer valid. Data is now the most critical asset that must be protected.