<div dir="ltr"><a href="http://www.hstoday.us/columns/best-practices/blog/why-software-patching-is-essential-in-today-s-world/4372316b36c76e7989cb1eaadeb7f5e9.html">http://www.hstoday.us/columns/best-practices/blog/why-software-patching-is-essential-in-today-s-world/4372316b36c76e7989cb1eaadeb7f5e9.html</a><span style="color:rgb(0,0,255)"></span><br><span style="color:rgb(0,0,255)"></span><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><span style="color:rgb(0,0,255)"></span><span style="font-family:arial,helvetica,sans-serif"><span style="font-size:8pt"><br></span></span>A few years back, business came to a grinding
halt for a European supermarket chain when it was infected with the
Conficker virus. The virus caused the system to slowly use up all the
system resources at more than 500 stores and 20,000 devices until they
all stopped working, leaving all the company’s stores virtually in the
dark. Worse, the virus was able to remain in memory and allude the
incumbent antivirus solution, leaving lasting effects from this a very
nasty virus for the company.
<p class="">An effective patch management process, in
addition to antivirus solutions, can proactively close the holes that
are so often used by hackers to gain access to data. While an antivirus
solution will always be needed, patching is equally as important, if not
more so. </p>
<p class="">Antivirus solutions don’t actually stop viruses
from infecting your system, they merely clean them after delivery. In
the supermarket example, contractors were hired to manually connect to
each device and clean the virus using tools provided by its existing
antivirus company. After more than 10,000 hours of overtime and
countless hours of change management, the system was presumed clean of
the virus. </p>
<p class="">But, they didn’t install the latest patches, so
after all this, the company still wasn’t safe. One week later, the
virus, still lurking in exposed areas of the system, spread through the
system again. The company had to repeat the remediation process. This
time, each system was patched to ensure the virus was properly held at
bay. </p>
<p class=""><b>Avoiding doomsday scenario with proper patching </b>
</p>
<p class="">The first step in protecting a system is to set
a strategy for regular and effective patching along with an antivirus
protection plan. Guessing on timing or randomly downloading patches will
result in bad, or ineffective, patching. Companies that do not have a
fully supported patching policy often end up blaming the product for the
problem. If they had deployed the patches with proper testing, they
could have avoided this negative perception. Look for the right
solutions partner or patch service to help you set up a regular patch
policy and toolset that fits your company. </p>
<p class=""><b>How to start patching effectively</b>
</p><p class="">There are a few steps to follow to get your
company’s infrastructure to where it needs to be – safe from exposure
and running as efficiently as it can: <br></p><p class=""><b>1. Scan and identify missing updates, then rank them by risk</b>.
Be proactive. You want a safe environment and optimum performance with
your machines; filling in the gaps of missing updates by maintaining
patch policy will get you there. Start by scanning and identifying
updates on endpoints. Your solutions partner can help you detect what is
missing on what device, no matter where your endpoints are. Don’t leave
out any devices under your Bring Your Own Device policy. Those users
could unknowingly expose the company to exploitation and viruses. When
they come back to the office, the infection spreads to the network and –
boom – a cyber-attack happens. </p>
<p class="">To rank which patches you need to tackle first,
use severity and exposure to prioritize the order of which patches to
deploy first. You can look to the Common Vulnerability Scoring System
(CVSS), a free and open industry standard for assessing the severity of
computer system security vulnerabilities to help you determine which
risks get patch priority. The Department of Homeland Security uses CVSS
score when reviewing specific risk to business structure and networks. </p>
<p class=""><b>2. Test before deploying companywide.</b>
Before you set off into deploying patches, you’ll need a testing
strategy. Not all patches are the right version for your devices and
software. Identify those that most appropriately match, then make a few
test runs to be sure all will run smoothly. First, don’t start with your
own device; you’ll need it to correct any issues. Second, check to see
if the patch has an uninstaller – one of the most important things in
any testing strategy. If the patch has no method to uninstall, you have
to do extra tests. Next, communicate that you’re about to update and
give your coworkers the instructions they need to follow to ensure the
patch is successfully deployed. Just to make sure it did, watch the
installation run on a colleague’s machine. Finally, always test with an
open mind. Take note of what happened, what failed, what needs to be
tweaked. If you see a failure after deploying the patch, you should go
back, uninstall the patch and reinstall it. Investigate if the issue is
in the hardware, device or the software. </p>
<p class=""><b>3. Schedule patch deployments to suit your business.</b>
Don’t wait until you have the IT hours to implement a round of patches.
Set a specific day each week, or month at the least, to deploy any
necessary patches and stick to it. Make this time a priority in order to
save your company time and expense in correcting the problem after a
breach has occurred. </p>
<p class=""><b>4. Report any repair activity and patch deployment success</b>.
Reports that show any breakdowns and what was done to repair them are
especially helpful in determining how the next patch will go. Reporting
on your success has many benefits, too. You can show company leaders
where you were, how dangerous things were, and let them see the success
and increased security as each patch clears. Without the reports, you
have no tangible evidence and return on investment. You and your team
are doing a great job – reports can show measurable success and
efficiency helping you get the recognition your team deserves for saving
the company from risk and from financial inefficiencies.
</p><p class=""><b>5. Design an efficient remediation plan.</b>
If something goes wrong, you’ll need a remediation plan based on your
reports. The reports will also guide you in providing repair information
to help you complete change management. </p>
<p class="">Antivirus solutions alone will not protect you
from a security breach. Adding an effective patch management strategy is
the key to keeping your data and your company safe from cyberattacks
and running efficiently. Avoid a doomsday scenario with proper patching,
so your company won’t be left with a crippled infrastructure exposed to
unnecessary risk. </p><br><div><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr">
</div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div>
</div>