Unpatched Software Creates Big Risks
How far behind are you on patching your systems? One study found that one of the most popular Windows exploits had a patch available five years ago. Other studies conclude that 75 percent of open source servers don’t have all patches installed. This is a big deal, because open source software is everywhere, from developer code libraries to Internet of Things devices. Windows and Apple software will prompt you to install patches, or even interrupt your work to install them when they’re critical, but with open source software, you’re usually on your own.
Implementing a good patch management process can help you keep current with patches, at least the critical ones. It requires having a process to track all digital systems and devices in your network, identify the software components they use, search for known vulnerabilities and released patches in those components, and obtain and deploy those patches. Much of that tracking work can be built into your software and hardware deployment process, making it a routine, ongoing task rather than a major project.
It’s possible to automate much of this work. When you maintain a database listing which systems use which products, you can use scripts to install the patch on each affected machine. You’ll want to do a test with the new patch on a development server before deploying to production. It’s also important to check logs after the deployments to make sure they succeeded and do a quick check out to ensure the system is functioning properly.
Some patches, especially to development tools, may require you to rebuild applications with the patched version. You should create a process to communication with developers about the patches and track that the work is done.
The large number of patches means patch management is challenging, so build a good process that streamlines the installations and makes it easier to keep up with the pace of change.
Use Supported Software
Once software is no longer supported, there are no more patches for new security risks, so be sure to keep software up to date as well as installing all patches. At a minimum, make sure you keep your antivirus software current!
Need help implementing a patch management process? Contact Prescient Solutions to learn how our IT consulting and managed technology services can help you stay on top of all routine software and network maintenance. We’ve been providing support from certified experts to businesses and organizations in Chicago and Schaumburg for 20 years.