Overview
With Qualys, Asset Tags are how we organize our assets for easy sorting, and to be able to view them in the Global IT Asset View easily.
Technology Solutions has created a naming convention for UIC's tagging scheme, with examples of each. This list is a sampling of the types of tags to use and how they can be used. It is not a comprehensive list and units may contact the Security team to discuss creating their own tags as needed.
Example tags in Technology Solutions naming convention
Business Units
The top-level of our users. All Assets will belong to a Business Unit which corresponds to the unit that owns it. All Business Units will have a prefix of 'BU-".
Asset Groups
This defines a group of assets within a Business Unit. All asset groups will have a prefix of 'AG-'.
- AG - ACCC
- AG - Pharmacy Chicago
- AG- Pharmacy Chicago Static NAT’s
Asset Types
Identifies the type of asset. This allows you to sort your assets quickly. All asset types with have a prefix of 'Type-".
- Type-Domain Controller
- Type-ESX Server
- Type-Server
- Type-Workstation
Operating Systems
All Operating systems will have a prefix of "OS-".
- OS-MacOS
- OS-RHEL 7.x
- OS-Ubuntu
- OS-Windows 10
- OS-Windows Server 2012
- OS-Windows Servers (ALL)
Data Type
This allows us to organize potentially sensitive data. All data type tags will have a prefix pf “Data-“
- Data-FERPA
- Data-PHI
- Data-SSN
Data Classification
How is the data on this asset classified? All data classification tags will have a prefix of “Class-“
- Class-High-Risk
- Class-Sensitive
- Class-Internal
With these asset tags applied to the assets that are added into Qualys, each unit can organize their assets and data related to these assets in order to better use the Qualys system.