The havoc caused by recent major ransomware attacks serves as a stark reminder that applying security patches quickly and efficiently is critical.
Sometimes patches are delayed due to concern about disrupting critical systems but often it is simply because organizations lack a comprehensive, verifiable patch management strategy.
Unpatched software is a top reason why computers get exploited. Patching can be difficult for many reasons and the result is that in many organizations it is not done effectively. When you think of the number of new software vulnerabilities there are each day, you start to realize why it is difficult to keep up with patching. There are challenges with both automatic updates and manual patching.
One way to more effectively manage patching is to outsource this task to a managed service provider that provides remote monitoring and management services. If this route is a good solution for you, then be careful to find out exactly what is included in the service. We have found that many business managers and IT leaders assume their service provider is taking care of patching but they don’t really know exactly what is being done.
Patch management means downloading, installing AND making sure the patch was done successfully. Be sure that there is verification that the patch was successful. Patching reports should provide details with a list of every machine, which patches were applied and which ones were not applied. A service provider should review a patch summary report on a weekly call with you and if a patch wasn’t applied, let you know why.
“The ransomware’s rapid spread suggests that many organizations have been slow to update their systems to newer versions of Microsoft’s Windows operating system that address the bug, which likely aided the worm’s movement.”………..“Software makers have long struggled to convince users of the importance of keeping their software up to date — especially in the face of bugs deemed as critical as the one that was patched in March.” (from CBS News- Technology & Science, full article here)
To help you avoid the next hit, we are offering a complimentary network assessment so you can be aware of where you have vulnerabilities and learn how to remediate them. Don’t be locked out of your systems by these malicious attackers.
Contact us to schedule an assessment or learn more about solving your patching problem.