Newsletters Welcome, Guest Log In | Register

Data and Telecom

Companies’ communications strategies must be agile in a rapidly evolving market

About this Blogger RSS

Subscribe

Sign up now and get the best business technology insights direct to your inbox.

  • Daily Edge
  • CTO Edge Update
  • Business Tools & Templates
  • Aligning IT & Business Goals
  • Maximizing IT Investments

2

Patch Management, Now More than Ever

Posted by Carl Weinschenk Jun 24, 2008 11:22:36 AM

As the time lag between news of a new vulnerability and hackers' ability to exploit it shrinks, patch management becomes a more vital tool for enterprises.

 

InformationWeek's look at five products begins by saying that the two main factors to consider when making a deployment decision are the number of operating systems supported and whether or not the product uses agents.

 

The site's lab looked at BigFix, Kasya, LANDesk, Lumension and Shavlik. The lab used a five-level scoring system on eight criteria (integration, strength, efficiency, ability to determine what needs patching, rollout ease, flexibility, breadth and price). Lumension and BigFix made the short list, while the Editor's Choice went to LANDesk. The story includes capsule descriptions of each of the five products.

 

The importance of patch management is destined to grow. This MyITForum post says that a new technique has been developed that could lead to big problems. Researchers found a way to scan patched and unpatched software versions in such a way that the comparison could be used to create an exploit. This process, the writer says, could be used by hackers to find previously unknown vulnerabilities or to mount an attack against unpatched versions of the software that are still in use. The bottom line is that the creation of exploits is becoming increasingly automated.

 

Patching is but one tool in the fight against hackers. This Processor piece, which is aimed at small and medium size enterprises (SMEs), also says that the patch window -- the time between when a vulnerability is uncovered and when hackers seek to take advantage of it -- is shrinking. Quick patching certainly is one alternative, but the piece points out a number of problems with the patches themselves. A sidebar to the story says that one alternative is automatic updating of the of the security system. This undated piece by Jonathan Coupal at consultancy ITX provides a good overview of how to go about patch management. The first step, the writer says, is to carefully assess the current environment. The next step is to identify, evaluate and plan. A test deployment is next and, once that's complete, the real deployment -- complete with adequate reporting -- can take place. These generic steps, of course, are similar in many different deployments. They may even be more vital in the case of patch management, which is an endeavor that can quickly get out of hand.

 

A Red Light Security blogger makes the point that patch management becomes more complex and perhaps even more vital in a virtualized world. The writer says the ability to move virtual machines to other physical hosts means that outdated software may be exported and attacked elsewhere. The writer provides five tips for virtualized patch management. He advocates keeping the host OS patched and hardened; activating virtual machine security; scanning regularly for vulnerabilities; establishing policies, standards and procedures, and watching for useful third-party products.

Add a comment Leave a comment on this blog post.
Mar 11, 2009 12:35 PM Guest James Keenan  says:

As a good advice for patch management I can recommend a tool called patch authority ultimate.

 

We use this tool in our company and it supports patching of a wide range of microsoft and 3rd party products.

They are always updated with the latest avialable patches keeping company security.

Jul 6, 2009 2:24 PM Guest steve  says:

Finding a robust patch management solution is becoming more and more difficult as machines are less and less accessible to the management console.  I have found success using patch management software from Kaseya.  Because of the agent based framework, I have connectivity to every machine that is connected to the Internet, independent of location.  - URL: http://www.kaseya.com/products/patch-management/features.aspx

Fax Automation as a Cloud Service

This white paper details how organizations can take advantage of fax as a cloud service without software or hardware, and without sacrificing security or ERP integration.

Breakthrough Data Recovery Technologies

Discover a road map to the most effective strategies and technologies to protect data and provide fast recovery should data be lost or corrupted due to accident or malicious action.

Data Center Virtualization

Virtualization solutions, management tips, and industry insights to increase the efficiency of your data center, while reducing costs.

Database Management

Data management tips and techniques that insure ease of access, comprehensive security and absolute privacy for your invaluable company information.

Open Source Data Management Solutions

Data management and storage solutions, tips and best practices to improve the scalability, reliability, and accessability of your data.

Data Center Management

Indispensable technologies and best practices to maintain your organization's most valuable asset.

IT Manager Development Library

Learn all the basics of IT Management: budgeting, staff motivation, business planning and more with this unique eBook bundle.

Learn more >

Janco's 2010 IT Salary Survey

This survey from Janco Associates, Inc., draws on data collected by extensive surveys of businesses throughout the United States and Canada.

Learn more >