Patch management is still an area of risk improvement
There are still serious exploits from 2010 that are not patched today.
..and even though solutions exists; a lot of organizations have not remediated those exploits why one should focus on Patch Management.
I am convinced that a lot of the breaches you read about today could have been avoided if all the Business Critical Systems were/are up-to-date.
Especially if you do not have a Vulnerability Management Program in place that tells you what kind of business risk you have in your infrastructure, nothing will happen.
It is all about to make complexed IT risks understandable.
Vulnerability Management is the business process that enables you to take control of your infrastructure risks and one part of that is Patch Management with Seven Steps to consider:
- Develop an up-to-date inventory of all systems (if you want to have full control of your network it is important that you know about all of your assets).
- Standardize your set-up for your system to minimize the number of versions ( if you minimize the number of different versions of network components, the easier it will be to maintain and have control).
- Make a list of all business critical systems (identifying the business critical systems helps you prioritize)
- Check for vulnerabilities (using a scanning and reporting tool to find all your vulnerabilities).
- Classify the risk
- Apply the patch
- Verify (it is important to validate and verify that you have remediated why you should always do a rescan of the system).
/ Nils Thulin
For more information please contact us to hear how you can start your Vulnerability Management Program today – request a trial @ https://www.outpost24.com/contact/request_consultation/
Outpost24 – Vulnerability Management made easy