Failure to install the latest security patches is a leading cause of security breaches and worm infections. 'Patches' are commonly released by software vendors to rectify critical system stability and security related bugs which are found to exist in a product sometime after its initial release. In fact, many victims of recent internet worms such as Code Red, Nimda, Slammer, Blaster and Sasser, could have avoided intrusion by simply having kept their system patching up to date.
Patch management is as much about process as it is about technology, and needs to operate in conjunction with internal change management processes. It is imperative that an appropriate framework is put in place to enable an organisation to deploy patches regularly and effectively without adversely impacting the operating environment. Once this has been achieved the supporting technology can be successfully integrated.
Installing patches is an ongoing challenge, but is a necessary part of diligent system administration. It can be extremely time-consuming for a system administrator to research new patches and analyse which systems might be affected. In addition, patch dependencies and patch supercedence can further complicate the process and lead to additional exposures.
Sense of Security is expert in designing patch management procedural frameworks and technical solutions for many different platforms. We can help make you more efficient and mitigate many of the risks involved with manual patch management. If it better suits your requirements, we can arrange for you to outsource your patch analysis and process requirements to us.