GreenPages' Newsletter August 2009

When we analyze how security incidents occur, we find that a large portion are due to systems that were poorly patched or misconfigured. Antivirus manufacturers are having trouble keeping up with millions of new pieces of malware that appear each year. Easy-to-use scripts are available to take advantage of the many application and system vulnerabilities that appear each month. Appropriate patching and configuration is a vital line of defense in a multilayered security strategy.

Beyond the obvious threats, organizations are also facing compliance and regulatory requirements. These regulations are now increasingly placing emphasis on preventative measures to help organizations understand and reduce their attack surface to become less susceptible to incidents. Keeping systems up to date and properly configured is key to meeting these existing regulations as well as those to come.

Many of the challenges traditionally faced by organizations are being answered by today’s leading patch management vendors: the ability to easily create pilot groups for testing patches; patch rollback to pull back any patches that cause system issues; and the ability to create groups, perform time-based granular installations and reboots, and get detailed reporting on the status of all machines in your network.

Add to that the ability to configure machines on your network and ensure that they do not fall out of their configuration. Being able to ensure that unnecessary processes are disabled, file shares have appropriately delegated access, and that all servers continue to follow the mandated standard give organizations a significant edge when combating today’s threats.

Creating a strategy for patch and configuration management will allow you to simplify your processes and reduce the time involved. If you have an existing strategy, evaluate it and make sure that your current process is effective, that you can deploy critical patches quickly, and that if you’re using an existing software tool, it’s enabling your process and not hindering it. In addition, establish that your process and tools are patching operating systems AND applications. Applications like Adobe Acrobat and Flash player are now releasing critical patches on a regular basis.

A proper strategy in these two areas can help reduce your attack surface and improve your overall security posture and potentially eliminate the time and cost of a security incident. When used in conjunction with other critical layers of security, you will find your organization in good shape against today’s threats.

For a deep dive into the subject, listen to GreenPages’ most recent webinar: Patch & Configuration Management: What You Need to Know and How to Simplify and Improve Your Process!

‹ ‹ ‹ Back to Newsletter

Visit GreenPages Online: www.greenpages.com
©2009 GreenPages Technology Solutions. All rights reserved.