Page 5 - index
P. 5
10 Steps to a Better Patch Management Process
By Naren Vaideeswaran
Managing modern IT infrastructure in all its complex glory creates a tremendous amount of
pressure. Add to this the ever-present threat of a cyberattack—not to mention a connected
workforce that doesn’t always consider organizational security a priority—and it becomes clear that
preparedness is one of the most important things any IT professional can aspire to.
And a key element of IT preparedness, if not the key, is keeping systems and applications updated
and fully patched. Although this might seem obvious, in the spirit of preparedness, ask yourself:
How regularly am I performing security updates?
How fast can I implement a software patch during a fire drill scenario?
How effective is my overall patch process?
If answered honestly, it’s likely that your response to at least one of those questions is not what it
should be.
Thus, it’s probably worth a reminder that patch management is the best strategy for maintaining
security in your IT environment and should be a top priority for you.
That said, patch management is not without its challenges. After all, if it were, you would have been
able to answer all the above questions perfectly. So, to help, consider the following 10 steps of an
effective patch process.
1. Keep an eye out for security vulnerabilities
There are several ways to check for security threats. It helps to have patch management
software that notifies you of newly available patches.
If you don’t receive automatic notifications, you can manually check for threats via Internet
searches or by signing up to receive security alerts and bulletins from US-CERT.
2. Identify the impact of cyber threats on unpatched software
Not all security vulnerabilities and software patches will be relevant to your IT environment.
Thus, it’s good to categorize the impact of threats affecting security vulnerabilities using a
scale of low, medium or high to help you carefully plan your next steps. Impact assessment
is easier if you have comprehensive hardware and software inventory data.
3. Prioritize patches
Unpatched software with critical flaws will compromise data, affect business productivity or
both. However, rolling out all critical patches at once could break something in the network,
and pinpointing root causes in such a situation is difficult.
This is why prioritizing your patches is so important. Do this by assessing the risk of every
critical vulnerability and the systems or groups that would be affected by a security breach.
5 Cyber Warnings E-Magazine – September 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
