Inventory and Control of Enterprise Assets

Security Domain

CIS Control 1 – Inventory and Control of Enterprise Assets
NIST CSF – Identify: Asset Management (ID.AM)
NIST 800-53 – Configuration Management

Service Description

runZero is an internal asset inventory and network discovery solution that helps PSUs find and identify managed and unmanaged assets. It can also discover public-facing external hosts.

Zero in on every asset on your network

Product

runZero

Key Benefits

  • Identifies assets and related risks
  • Identifies outdated hardware and OS versions
  • Helps identify IP space and network maps
  • Accelerates incident response efforts

Cost to PSUs

No cost – funded by NCDPI K-12 Cybersecurity Program

PSU Time Commitment

Upfront/setup:  1 hour
Ongoing:  2-4 hours per month

How to get this service

Contact the runZero POC to register for an information/onboarding session.

Point of Contact

Name: Friday Institute on behalf of the NCDPI K-12 Cybersecurity Program
Email: runzero_ncdpiadmins@lists.ncsu.edu

Key Resources

  • The North Carolina Department of Public Instruction (NCDPI) is designated as the formal licensed entity and account owner for the runZero Asset Discovery Platform for North Carolina and thus has the responsibility and authority to manage all contractual matters related to it.
  • As the runZero Account owner, NCDPI has the superuser role that grants it (and/or another party it designates) the privilege to make configuration, policy, and/or other changes to the NC runZero Platform.  In general, NCDPI will not make such changes without appropriate communication to the runZero PSU admins and/or other entities affected in advance. 
  • As the runZero Account owner, NCDPI has the superuser role that grants it (and/or another party it designates) access to view each Organization (i.e. PSU) in the runZero platform and its associated asset data.  NCDPI will utilize the platform to have situational awareness across all PSUs to identify, classify, and categorize devices, reporting on a per-PSU basis, as well as providing a statewide view that shows cybersecurity risks and critical needs.  This data will be able to inform PSU IT staff and state leadership, augmenting and automating some of the DLMI data collection.  Nothing in the asset data inventoried in runZero overtly identifies individual employees or students.
  • The NCDPI Department of School Connectivity and Cybersecurity will be providing periodic reports to the State Board of Education on the rate of utilization of the runZero platform with other evidence of efficacy to assess the value of this cybersecurity resource for future use (i.e. is the platform a good value for the taxpayers of NC AND has it improved the cybersecurity posture / reduced risk of the PSUs).
  • runZero (MSSP) cannot make changes to the NCDPI account and platform without approval from NCDPI (outside of general product/service updates and maintenance).
  • NCDPI can authorize and direct runZero (MSSP) and/or another designated party to make configuration, policy, and/or other changes to the NC runZero Platform.
  • NCDPI has configured a global setting in the runZero console that enables runZero to have support access to the NCDPI account and its associated organizations.  This provides an additional layer of support if NCDPI or PSUs need direct support from runZero.  Under this provision, a PSU can direct runZero support to make changes to the PSU’s organization configuration, but not to NCDPI account-level configurations.  All console impersonation actions are audited by runZero.
  • NCDPI and appropriate agency personnel have reviewed, agreed to, and are satisfied with how runZero collects, stores, and manages asset inventory data for PSUs.  All NCDPI, NCDIT, and applicable state security and privacy policies have been met.  NCDPI is confident in the prevention, detection, and response structures in place to support the purpose of the runZero platform for NCDPI and PSU needs.  The following are runZero privacy, security, and terms of service policies provided for NCDPI and PSU awareness.  In addition, NCDPI has also been provided with the latest version of runZero’s Information Security Policy and Platform Security Assessment.