Patch management is the process of identifying, acquiring, installing, and verifying patches for the products and systems an organization uses. Patches are imperative for correcting security and functionality problems in software and firmware, and they often introduce capabilities that the organization’s IT environment requires.
The importance of patch management was highlighted in Congress when the CEO of Equifax testified that the company’s failure to patch was one of the causes of the now infamous data breach. The CERT® Coordination Center (CERT®/CC) claims that 95 percent of all network intrusions are avoidable by using proper patch management to keep systems up-to-date.
It has become very clear in recent years why patching needs to be an organizational priority, but many challenges make it difficult to do. Most organizations today use many different systems and applications, each with its own release schedule; prioritizing patches often takes a back seat to other business priorities; and the technical mechanisms for applying patches often conflict with one another.
According to the SANS Institute, meeting the patch management challenge requires the creation of a patch management methodology and the automation of that methodology. This methodology should consist of the following components:
- Visibility / detailed inventory – comprehensive catalog of all hardware, operating systems, and applications that exist in the network
- Vulnerability process – identification of all vulnerabilities that exist in the hardware, operating systems, and applications
- Risk assessment/management – establishment of a set of risk management metrics and prioritization of patch urgency
- Patch process/procedure – detailed processes and procedures for testing and deploying patches and for verifying deployment
The automation component is also important because it gives IT administrators a policy-based approach to managing their data centers with greater speed, quality, and consistency. Tools such as TrueSight Automation for Servers can be a game changer, as they provide patch management alongside server lifecycle management. Organizations can then limit the number of services touching their systems and reduce the configuration needed to integrate them. With the right tools, organizations have a single place to manage these efforts and can reduce the overall complexity of patch processes and system lifecycle tasks.
The world of patch management can be overwhelming, especially as it becomes ever more obvious how vital it is to the security and health of an organization. Organizations need visibility into their hardware, operating systems, and applications so they can identify the vulnerabilities that exist and put risk management and patching procedures in place. Automation can make these tasks digestible and manageable, turning a complex endeavor into a much less challenging one.