Image
U.S. Department of Energy case study

At a glance

Outdated software and hardware at the U.S. Department of Energy needed to be replaced in order to reduce the risk of cyberattacks. The IT team for the DOE envisioned an automated asset management process that would identify old, vulnerable software. Flexera’s Technopedia and Normalize, features of our Data Platform solution, allowed the DOE to aggregate and normalize IT asset data across the organization. This gave the agency insight into the latest product data, ensuring outdated software could be updated and secured.

The Challenge

DOE feared cyberattacks, needed automatic identification of outdated software

The DOE is charged with oversight of the nation’s nuclear arsenal and its vast power grid. Therefore, the department needs to constantly watch for cyberattacks and prevent vulnerabilities across all of its software and applications.

The DOE wanted to automate the way outdated software and hardware were identified by the department’s IT asset management (ITAM) process. Fully connecting IT assets to cybersecurity had never been accomplished on an organization level, and this innovation would put it years ahead of governmental and commercial peers.

IT data call requests for information are occasionally made, but these calls are frequently delayed or inaccurate. The department’s traditional methods had become infeasible due to complex IT asset data.

The department’s IT team worked with an outside consultant to determine that automation was the only solution, as the IT asset management was far too dynamic for manual processes. The IT team and consultant realized inaccurate and outdated information could lead to catastrophic security consequences.

One of the biggest challenges the team faced was being able to quickly identify outdated software and hardware assets. Aggregating and normalizing raw IT asset data from different sources made it difficult to create a single version of accurate, relevant information. There wasn’t an easy way to rapidly and accurately identify IT asset nearing end of life, which created possible vulnerabilities and opened the door to attacks.

The Solution

Technopedia provides complete and accurate IT asset data

The DOE developed an automated solution by integrating Flexera’s Technopedia and Normalize solutions with the reporting and visualization capabilities from existing enterprise architecture software.

With Flexera’s solutions, the department’s IT team can aggregate asset data across multiple tools and normalize that same data into a single classification for one complete view of all IT assets. This enabled the team to solve data quality issues by cleaning data automatically. Moreover, it provided non-discoverable meta-data and dynamic market information, ensuring IT data remains current. The DOE was able to standardize IT data architecture across its entire organization.

60% average reduction
in time spent researching
and validating data*
*According to a 2019 study by third-party research firm Hobson & Company

Flexera’s Technopedia provided a single, consistent data model for IT asset categorization and naming that instantly solved the problem of data model and asset class conflicts. Flexera’s Normalize helped aggregate asset data across the various departments and standardize it to Technopedia. This created consistent data across the various departments to build a foundation for ITAM with normalized data. And kept them up to date on an ongoing basis. The non-discoverable metadata provided by Technopedia allows them to perform necessary day-to-day functions, such as identifying end-of-life data and upgrade/downgrade paths for software releases.

The solution also kept the data current with latest product releases and minor version updates. With Technopedia’s enablement of data collection and normalization process, the DOE now has an effective IT asset data feed that is an important driver for the cybersecurity program.

The Results

DOE gains agency-wide data transparency, accountability and risk mitigation

Flexera’s solutions helped the DOE take the proactive approach it desired for its IT asset management. The agency now can make decisions based on real-time, fact-based data provided by Technopedia and Normalize solutions. The data helped create a transparent process, allowing stakeholders to prioritize and address security risks. This has resulted in increased accountability across the agency and improved communications through timely responses. Flexera solutions enabled DOE to use normalized IT asset data to properly assess the vulnerability of existing software and hardware to significantly enhance the effectiveness of their cybersecurity.

More than 3.5 million products and 250 million data points
are in Technopedia

Gain insight into your technology environment

Request Demo Learn More

Additional Cases

More examples of successful solutions