Knowledge Base

Why Patching Really Matters

November 9th, 2017

From cleaning the gutters to re-sealing the deck every two Springs to getting your oil changed, nobody enjoys the routine maintenance that comes with life. The same is true for many Administrators and ongoing maintenance, particularly when it comes to Patches.

Manufacturers issue patches for two primary reasons: features and security. Feature patches provide new options for users that can provide additional value to the originally purchased software. While it is always a Best Practice to keep software within a version or two of current-release, Feature patches are mostly non-critical. Security patches are issued to close known exposures in software and operating systems, after they have been discovered. These should be treated with paramount concern, but can frequently fall by the wayside as items that are perceived as more important take precedence.

Zero-Day Attacks are difficult and infrequent; exploiting known vulnerabilities is easy!

It’s true, while Zero-Day Attacks are frightening, they are very difficult to architect. Think of Zero-Day Attacks like a heist pulled by the Oceans’ Eleven crew, high-profile, well planned, and expertly executed, taking significant time and resources. Such heists are extremely rare, even in the movies, as they are simply impractical. By comparison, exploits of known vulnerabilities is a far easier and more common approach.

A typical “Black Hat” will spend time knocking on the virtual doors of numerous companies and government organizations, looking for anyone foolish enough to have left vulnerabilities unpatched. Once identified, these organizations can be breached within seconds, utilizing common toolkits, following well-publicized attack vectors, allowing for maximum damage. Simply applying Security Patches as they are released will dramatically reduce exposure to this type of attack.

What’s the frequency?

Patch Management should be handled on a multi-tiered schedule, with daily, weekly, and monthly reviews and scheduled patching. Daily, available patches and security bulletins should be reviewed, and anything critical should be applied. Weekly, non-security Feature Patches that provide valuable functionality should be reviewed and applied as needed. Monthly, a review of all available patches should be conducted, and any remaining items should be applied. Additionally, it is a good idea to review Security Logs, to see where attempts at access occur, to better protect those areas proactively. This can become quite cumbersome for an internal team to tackle on their own. The average IT group is already understaffed by more than two people, with most resources juggling too many tasks in too few hours.

How do I alleviate the stress on my IT team, while keeping up with critical Security Patches?

CIS conducts regular Patch Management as part of a Managed Services Program, while providing a team of experts to deploy, implement, integrate, customize, secure, and support solutions of all types. Clients utilize CIS to offload the monotonous task of handling things like patching, allowing an internal team to focus on the more critical aspects of their job. CIS resources will monitor, review, and deploy any critical patches, with a customized approach to each client’s individual needs and requirements.