Patch management plays an essential role in the security of IT systems. Typically released by software vendors to fix vulnerabilities or security weaknesses in operating systems, patches are part of their internal efforts to solve problems with different versions of their software. If they are not applied in a timely manner, computer networks are at risk and can become severely compromised.
The patch management process allows patches to be acquired, tested and installed on existing applications to keep systems up to date with functionality or security vulnerabilities. Unpatched software can make network equipment a vulnerable target for computer attacks or software viruses.
Why is it important?
Patch management is a necessary process in order to:
- Increase the security of all IT equipment and prevent security breaches.
- Reduce breakdowns and software failures.
- Keep systems up to date to ensure their proper functioning.
- Authorize mobile devices on corporate network with confidence that they do not carry malicious software.
- Maintain a state of compliance of equipment and systems at all times.
- Have visibility and perspective on the strengths and weaknesses of the IT infrastructure.
The most common problem associated with the patch management process is the introduction of a failure that was not originally present. This problem may appear immediately after the update or sometimes later in a software application that has an interdependence with recently fixed software. Because patches can sometimes introduce problems into a system that previously worked properly, it is important that administrators test patches before deploying them throughout the organization.
The other common problem associated with patch management is that disconnected systems may not receive patches quickly. If a mobile user rarely connects to the corporate network, then that user’s device may run for long periods of time without being updated. In such cases, it may be preferable to configure the device for standalone patch management rather than centralized management.
Where do we go from here?
Implementing patch management requires following certain steps:
- Document the patch management policy.
- Obtain a clear view of the current status by performing a systems discovery.
- Categorize systems according to their risk levels.
- Confirm systems in need of updates by standardizing and grouping them under a single theme.
- Determine tools, practices and methods for updating systems: tests, configuration, deployment, status reports
- Performing monitoring for missing updates or vulnerabilities on the network.
- Learn from experiences and modify policies, procedures or guidelines following the initial assessment.
Software patch management is a repetitive process that can be tedious, but it is one more tool to keep your assets safe.
If you don’t have the internal resources available to take charge of patch management, call on a trusted partner. You will reap many benefits and extend the life of your equipment!
CISSP, CEH, CGEIT, CISA
Chief Information Security Officer