Read Time: 2 Minutes
Every business has to do it, but no one really wants to. And I’m not on about paying the bills…
It’s all about Patch Management.
Here’s why it is important
Poor old Adobe were the center of some rather unflattering press last month due to their Adobe Flash Player. As Ifeanyi describes in his tech talk, for Adobe, it was a fortnight to forget. It started on the 22nd of Jan with a couple of CVE (Common Vulnerability Exposure) files released and then another on the 4th of Feb… and another bunch on the 5th leaving people asking the question – “How long until the next zero-day bug Adobe?”
We’re just using Adobe as an example here as it’s not just them but lots of commonly used business programs suffer the same. The level of CVE reports/ bug-vulnerabilities is actually growing and it’s not just Windows, Mac OS also has also experienced it’s own number of vulnerabilities over the years.
Are businesses doing enough to protect themselves?
Our own reports show that shockingly 87% of corporate computers are missing critical software updates.
Gartner reported that 90% of successful attacks occurred against previously known vulnerabilities where a patch or secure configuration standard was already available.
So we know patching is important. But what is the guidance on ‘doing it right’ and how can more businesses better protect themselves against the threat of unpatched software?
Ifeanyi Nwabueze, F-Secure UK’s Technical Manager, highlights 4 great steps for a good patch management process and also a clear representation of the ‘Patch Decision Tree’ businesses should follow in his Tech Talk presentation.
F-Secure have a free feature within both their Business Suite Premium and Protection Service for Business (PSB) solutions called Software Updater which alleviates a lot of the time, resource and pressure on an organization.
F-Secure Software Updater automatically updates over 2500 different 3rd party commonly used programs. Using Software Updater can increase operational efficiency for a business, be cost-saving and also automate the timing and prioritization challenges that are faced.
You can also listen to a recording of Ifeanyi Nwabueze’s fab Tech Talk here
[Sources: https://web.nvd.nist.gov/view/vuln/statistics, F-Secure Study March 2013, Terrance Cosgrove, Gartner – Managing the Next Generation of Client Computing – 08.02.2011]