For years, patch management has been a thorn in the side of organizations and continues to be a popular topic of discussion. Management of an organization’s security is an increasingly critical aspect of the modern business. Technology continues to evolve and attackers continue to develop new ways of exploiting weaknesses. And as vulnerabilities are discovered, so a patch is released to fix it. For this reason, a strong and proactive patch management policy/system is a necessary aspect of any organization.
Patch management covers the people, procedures and technology responsible for keeping your computers up to date with the most current software versions. This should always have a focus on security, writes Felicia Nicastro in a step-by-step guide to best practice by TechTarget.
As such, it should not be a defensive procedure enacted in response to critical security incidents (though there are emergencies where this will be necessary), but an ongoing and proactive procedure for keeping the environment secure and reliable.
This is a task of ever increasing difficulty, with targeted attack and zero-day vulnerabilities shrinking the window of time between discovery and exploit availability. Now, more than ever, security managers need to have a firm grasp of their software hinterland – and the appropriate patch levels. Only once you know what you’re dealing with should you proceed to obtaining and testing the relevant patches.
Typically, however, the testing phase is often one major stumbling block. A security-related patch can often affect many different parts of a system, so testing is an unavoidable part of any implementation. Therefore, any testing environment needs to simulate as much of the targeted platform as possible. After successfully testing the patch, you will need to ensure it can be successfully removed in case of problems.
Deployment is the next step in any roll-out. This needs to be done in a manner that will guarantee repeatability, consistency, status tracking and error logging. This is usually achieved using a patch management tool. There are myriad options available and you should choose the tool most appropriate for your environment.
After the patch has been deployed, the next stages are validation and verification. These are just as important as the testing and deployment, with the main difference being that these last two stages are driven mainly through procedure rather than the patch itself. Any patch management tool you have chosen should verify that it has been installed correctly. If this is not the case, then a manual method or sub-procedure needs to be created to complete the task.
The final, review stage should include the compilation of a report that includes at least the following information.
- Number of systems successfully patched
- Number of systems unsuccessfully patched
- Summary of failures
- Number of systems omitted from processes
- Summary of omissions
This information is subsequently used to update the procedure side of patch management and is what helps to ensure the organization’s approach is a proactive one.
Big Data and related technologies – from data warehousing to analytics and business intelligence (BI) – are transforming the business world. Big Data is not simply big: Gartner defines it as “high-volume, high-velocity and high-variety information assets.” Managing these assets to generate the fourth “V” – value – is a challenge. Many excellent solutions are on the market, but they must be matched to specific needs. At GRT Corporation our focus is on providing value to the business customer.