As IT has become more complex and distributed, the overheads involved in keeping systems running have significantly increased. IT managers cite the time spent on updating, maintaining, and patching systems as one of their greatest overheads.
Security patching, in particular, can be a burden. Microsoft alone can release more than a dozen critical patches during its monthly "Patch Tuesday" bulletins. Then there are additional, out-of-band patches, patches from other software vendors, and updates for hardware, firmware and development systems.
Patching is a priority
Patching is critical as unpatched systems continue to represent a real security flaw in many business' networks. A study by NIST, the U.S. technology standards body, revealed that 90 per cent of successful attacks against companies exploited known vulnerabilities that could have been prevented if the systems had been correctly patched.
Patch management that is not centralised, gives rise to other issues, aside from the security risks and the time it takes up. Without the appropriate policies in place, companies run the risk of deploying untested patches that can cause problems for other applications or other areas of the IT infrastructure.
For example, an IT department that allows users to manage their own patch updates runs the risk of disrupting or breaking critical business processes with an untested patch. This is most common with highly customised applications or software written in house, however, off the shelf software is by no means immune to exposure.
Companies that do not centralise their patch management can also find that they have unnecessarily high energy bills. One of the most common reasons for not running desktop power management technology, or not instructing staff to switch off their PCs overnight is the need to install patches out of hours.
The case for patch management
As a result of these challenges, more businesses are looking at centralised systems for patch management. Patching desktop computers and servers, smartphones and tablets, and their applications – is too large a task to be carried out manually. Even if IT had the time to patch systems manually, automated patch management has been shown to be more reliable and more secure.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.