What are ghost assets and are they costing your org?

by

Ghosts, zombies, and shadows are not just the stuff of spooky movies and Halloween haunts. These descriptors pop up across several asset management categories: “ghost assets,” “zombie assets,” and “shadow IT” being familiar terms.

In physical asset/inventory management, a ghost asset is “an asset that you no longer have access to at your business, but which is still shown as an active and available asset on your register or in your asset management system.”

In IT asset management, ghost assets are “devices whose purpose withered and passed on some time ago but were not removed or repurposed.” Or, alternatively, “a ghost asset is a piece of hardware that goes missing from your organization’s radar – never to be seen again.”

So is a ghost asset something that no longer exists, something that’s missing, or something that exists but isn’t being used? The only thing that’s clear is that there’s no single definition of “ghost assets”.

So what about cybersecurity? Do security practitioners need to worry about “ghost assets” too? They certainly sound scary - but how should cybersecurity teams define ghost assets?

Ghost assets in cybersecurity: A definition

In cybersecurity, ghost assets are assets that exist in your environment that you can’t see. They may be invisible because of an incomplete, out-of-date asset inventory, or be the result of shadow IT. Regardless of where they came from, they lurk in your environment and can create new, dangerous vulnerabilities without you being aware.

What do ghost assets cost you?

In the Total Economic Impact study JupiterOne recently commissioned from Forrester, the analysts listed several core challenges they found JupiterOne customers faced prior to implementing the JupiterOne CAASM solution, and one of these challenges was directly related to this issue of ghost assets. They wrote,

“Critical processes lacked standardization in key areas, particularly related to data hygiene, risking myriad “ghost assets” lurking in the cloud, costing the organizations money while adding to their risk profiles.”

Ghost assets pose a number of very real cybersecurity problems, including but not limited to:

  • Undetected vulnerabilities and attack paths that you’re not aware of until it’s too late
  • Compliance issues that arise when you can’t track down every asset, or an auditor notices one before you do
  • Identity and access risks from failing to decommission accounts and devices when an employee leaves or is terminated

Forrester reported in the Total Economic Impact report for JupiterOne that, “With JupiterOne, the composite organization decommissions ghost assets and thereby neutralizes the potential risk of ungoverned assets, [and]...avoids almost $2.4 million in security risk and balance sheet inefficiencies.”

How to find (and bust) asset 'ghosts'

Ghost assets are a real cybersecurity problem. How do we find and bust them? You’ll need to identify ghost assets in your environment first in order to address them and neutralize the risk they pose.

The simplest way to get full visibility into your cyber assets is with a cyber asset attack surface management (CAASM) platform. CAASM tools (like JupiterOne) integrate with your CSPs (like AWs, Azure, GCP)”, Vulnerability Management, and IAM tools, aggregate asset data from all of those sources, then normalize that data so you can get a complete asset inventory and status.

The best CAASM platforms will also give you visibility into asset relationships, so you have complete context around not only what is in your environment, but what is truly critical to prioritize, monitor and maintain.

A CAASM solution will also ensure your asset inventory is always up to date, so once you’ve completed your “ghost busting” mission, you can rest assured that no more ghost assets will lurk undetected for long.

To learn more about CAASM and how JupiterOne can help your organization gain visibility into your cyber asset universe, watch a demo here.

Happy ghost busting!

Read the Study Now

Sarah Hartland
Sarah Hartland

Sarah is the Director of Demand Generation at JupiterOne. She has been a content creator and curator since 2012, with experience in the media, adtech, and cybersecurity industries. Sarah is passionate about making technical concepts accessible for all.

Keep Reading

Proactive IAM Security: Transforming Identity Security with Actionable Insights | Okta Integration with JupiterOne
December 19, 2024
Blog
Unlocking Proactive Security: How Okta and JupiterOne Elevate IAM Insights

Unlock proactive IAM security with Okta and JupiterOne, gaining real-time insights, enforcing least privilege, and reducing risks in dynamic cloud environments.

Transitioning from Vulnerability Management to Exposure Management | JupiterOne
December 13, 2024
Blog
Transitioning from Vulnerability Management to Exposure Management with JupiterOne

Explore Gartner's latest report on Exposure Management and learn how your organization can prioritize vulnerabilities and minimize exposures.

The Ultimate CAASM Guide for 2025 | JupiterOne
November 20, 2024
Blog
The Ultimate CAASM Guide for 2025

Discover how Cyber Asset Attack Surface Management (CAASM) is providing enhanced visibility of internal and external assets in 2025.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.