We’ve Got This: Patch Management

by | Jul 8, 2020 | Managed Services

These days, organizations are forced to navigate uncertain waters, resources are stretched as thin as ever, and workers are adapting to new workstyles. Through it all, Peters & Associates wants you to know that we have your back. As part of our 6-part webinar series, every two weeks we’ll be sharing solutions for supporting, managing, and securing your IT environment – whether workers are back in the office or working from home. Check out the schedule below to catch up on webinars that you’ve missed or register for our remaining webinars.

  • July 8th, 2020, 11:00 AM Patch Management – Check out the recap video below!
  • July 22nd, 2020, 11:00 AM Endpoint Protection – Register here!
  • August 5th, 2020, 11:00 AM Backup & Recovery – Register here!
  • August 19th, 2020, 11:00 AM Securing Office 365 – Register here!
  • September 2nd, 2020, 11:00 AM Security Awareness Training – Register here!
  • September 9th, 2020, 11:00 AM Managed SIEM – Register here!

On July 8th, we held our webinar on the importance of patch management. During that presentation, we discussed the dangers of lax patching policies, the elements of an effective patch management program, and how Peters & Associates helps our clients. Read on to get caught up or check out the full recording below.

The Importance of Patch Management

According to a study conducted by Ponemon Institute, 60% of respondents that reported one or more data breaches in 2018 and 2019 indicated that there was a patch available for a known vulnerability that had not been applied. The study goes on to note the challenges that organizations face in applying patches expeditiously. Among those challenges are lack of automation, time constraints, ownership of the patching process, and patch roll-out planning.

Further, research by Cofense Intelligence in their Q4 2019 Malware Trends report indicated that organizations upgrading from Windows 7 to Windows 10 – in the process eliminating a Windows 7 vulnerability – likely greatly reduced the delivery of the malware strain known as Emotet. From the third to the fourth quarters of 2019, researchers saw a drop of about 70% for this malware family exploiting the known Windows 7 vulnerability.

As these two studies demonstrate, unpatched systems are low-hanging fruit for attackers. Organizations that are slow to patch and don’t have effective patching policies in-place are easy targets for bad actors. So, what does an effective patch management strategy look like?

Effective Patch Management

Given what we know about cyber attackers’ targeting methods, it’s clear that organizations need to develop a strategy for applying security patches as quickly as possible. However, IT teams need to balance rapid patch deployment with due diligence to ensure that patches don’t have unintended effects.

Below is an example of the patching process. This represents a set of general guidelines. Each organization is unique and may diverge from some parts of this process.

Many IT administrators are familiar with Microsoft’s Patch Tuesday – the second Tuesday of each month when Microsoft releases new software patches. Having a reliable monthly start date makes it easier for organizations to develop a consistent patch management schedule. While other vendors don’t maintain quite as consistent release schedules as Microsoft, it’s important for organizations to keep track of updates for all of their devices and applications – including IOT!

Essential Managed Services: Patch Management

If your organization is having trouble keeping up with patches, you’re not alone. Even before the COVID-19 pandemic, IT teams were struggling to stay up on top of patch management.

To help our clients eliminate vulnerabilities as quickly as possible, P&A offers patch management for servers, network devices, and workstations. Our team works with you to determine an ideal monthly schedule, select devices for a representative pilot group, and determine the roll-out groupings for the rest of the environment. We’ll provide reporting to show patch success for the month and remediate patching failures.

Let our team help you shoulder the load with basic maintenance of your IT environment so that you can focus your energy on supporting your employees and advancing your organization.

Looking to Learn More?

  • You can download the slide deck here.
  • You can watch the full webinar below.