Patch management is the process of identifying, acquiring, installing, and verifying patches for products and systems used by an organization. They are imperative to correct problems related to security and functionality in software and firmware. They also introduce capabilities that are often mandatory into the organization’s IT environment.

The importance of patch management was highlighted in Congress when the CEO of Equifax testified that the company’s failure to patch was one of the causes of the now infamous data breach. The CERT® Coordination Center (CERT®/CC) claims that 95 percent of all network intrusions are avoidable by using proper patch management to keep systems up-to-date.

It’s become very clear in recent years why patching needs to be a priority for organizations but there are many challenges that make it difficult to do this. Most organizations today use many different systems and applications that all have varied release schedules, prioritization of patches often takes a backburner to other business priorities, and technical mechanisms for applying patches often conflict.

According to the SANS Institute, meeting the patch management challenge requires the creation of a patch management methodology and the automation of that methodology. This methodology should consist of the following components:

  • Visibility / detailed inventory – comprehensive catalog of all hardware, operating systems, and applications that exist in the network
  • Vulnerability process – identification of all vulnerabilities that exist in the hardware, operating systems, and applications
  • Risk assessment/management – establishment of a set of risk management metrics and prioritize urgency of patches
  • Patch process/procedure – detailed processes and procedures for testing and deploying patches and verification of deployment

The automation component is also an important piece of this as it provides a policy-based approach for IT administrators to manage their data centers with greater speed, quality, and consistency. Tools such as TrueSight Automation for Servers can be a game changer as they provide the functionality of patch management along with server lifecycle management. Organizations are then able to limit the number of services touching their systems and reduce the configurations needed to integrate systems. By employing the right tools, organizations can have a single place to manage efforts and reduce the overall complexity of managing these processes and system lifecycle tasks.

The world of patch management can be overwhelming especially as it becomes more and more obvious how vital it is to the security and health of an organization. Organizations need to have visibility into their hardware, operating systems, and applications so they can identify the vulnerabilities that exist and put risk management and patching procedures in place. Automation can take these tasks and make them digestible and manageable to reduce the overwhelm and make a complex endeavor much less challenging.


About the author:

Vinnie Lima

Vinnie Lima is the Managing Director for VVL Systems & Consulting, a small business focusing on IT Optimization for Cloud, Infrastructure, and End Users. Based out of Baltimore, Maryland, Vinnie Lima has over 21 years in IT Automation, Orchestration, and Cloud. Mr. Lima’s career has been focusing on helping customers drive value from their IT investments through the use of leading edge technologies and approaches, driving innovation in a wide spectrum of industries such as DoD, Federal, Health Care, and Financial.

facebook twitter linkedin instagram

Leave A Reply

ERROR: si-captcha.php plugin: GD image support not detected in PHP!

Contact your web host and ask them to enable GD image support for PHP.

ERROR: si-captcha.php plugin: imagepng function not detected in PHP!

Contact your web host and ask them to enable imagepng for PHP.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Subscribe to our Newsletter
Stay informed with the latest technology news, industry events, and training offered by VVL Systems for free! Fill out this form and receive our newsletter delivered straight to your inbox.

See how VVL has helped clients leverage the latest technologies and agile capabilities.

Latest VVL and Industry News

SolarWinds Breach Response

Information & Resources regarding SolarWinds Orion Incident As many are aware, SolarWinds Orion products experienced a security incident that has…

What is a Zero Trust Maturity Model?

In this article, we'll review the recent materials, standards, and guidance principles related to Zero Trust Framework with the hope…

Upcoming VVL and Industry Events