Patch management is one of those topics in IT that feels like it’s so rudimentary, it should just be taken care of already. Purchase a software solution, set it, and forget it—and magically, all known vulnerabilities are patched! While it sounds easy, a 2018 Ponemon study—the State of Vulnerability Response—found that mid-market and enterprise organizations simply aren’t able to protect against known vulnerabilities as well as they think they can.
Patch management (or vulnerability management for some) in enterprises is often more complex than simply pointing a software solution at the systems and applications to be managed. There are a few reasons why enterprise organizations aren’t as patched as they should be:
It’s evident that the enterprise lacks strategy, coordination, and focus when it comes to patch management. Here are three things you can do to help you along the road to fixing your patching problem.
An enterprise is never “easy” to navigate, but the work of patching is really basic blocking and tackling that involves getting everyone using the same playbook. By focusing on patching—according to the Ponemon study—you reduce your likelihood of breach by 41%*. That’s a material improvement. Given the overwhelming number of zero-day attacks, the current state of patch management is obviously very ineffective and completely unacceptable.
By putting a plan in place that includes buy-in from all the affected teams, you can improve the organization’s security stance, reduce the risk of attack, and create a long-term strategy to help safeguard the environment over time.
* “Ponemon State of Vulnerability Response,” https://www.servicenow.com/content/dam/servicenow-assets/public/en-us/doc-type/resource-center/analyst-report/ponemon-state-of-vulnerability-response.pdf (Accessed July 10, 2018).
Nick Cavalancia has over 20 years of enterprise IT experience and is an accomplished executive, consultant, trainer, speaker, and columnist. He has authored, co-authored and contributed to over a dozen books on Windows, Active Directory, Exchange and other Microsoft technologies. Nick has also held executive positions at ScriptLogic, SpectorSoft and Netwrix and now focuses on the evangelism of technology solutions.
Follow Nick on Twitter at @nickcavalancia
To find out how SolarWinds can help you and your MSP business more effectively manage patching, click here
© 2018 SolarWinds MSP UK Ltd. All rights reserved.
The SolarWinds and SolarWinds MSP trademarks, service marks, and logos are the exclusive property of SolarWinds MSP UK Ltd. or its affiliates. All other trademarks are the property of their respective owners.