Interesting to note tomorrow is 2 weeks from Patch Tuesday November 11th (2nd Tuesday of month) and 2 weeks from patch Tuesday in December (the 9th).
So it is a perfect time for reflection – thus we review a discussion of the November 2014 patch Tuesday in SecurityWeek. It means to give direction for companies that have not figured out he Security riddle yet.
Security is defense and it must be done correctly, but it is also managing people and machines. When people come into the equation, budgets,
The importance of patch management cannot be overstated. Your network and computer systems have to be patched on time within a good testing system.
The problem with patches is that they do not always make a stable system: http://support.microsoft.com/kb/2966870
The knowledgebase article discusses a reboot cycle after applying a patch, but these kinds of problems can be averted with a good testing program.
It also just happens that testing your network for vulnerabilities should be added to your IT security architecture. Sure the computers on the network should be patched, but the only way to verify that they are is to test them, as a hacker would scan for vulnerabilities.
So Security architecture consists of:
1. Patch management with testing of patches.
2. Vulnerability scanning
3. Defense in depth – Anti-Virus on desktops/servers, proxy servers that remove potential threats, and Intrusion Prevention Servers for network control.
Viewing the network for where the threats are (Intrusion detection) is only useful with enough resources to actually review the attacks coming into the network.
The SecurityWeek article assesses and deduces that in a world of limited resources patch management is the #1 function of an IT department with regard to security.
My own argument is to assume the enemy is inside the network already – i.e. malware, adware has infected one of your devices, the only way to make things more difficult for the attackers on your systems is to patch as soon as possible or practical. After testing the patches they should be applied in your environment.
we can help with vulnerability scanning Contact us