Strengthen Your Patch Management Processes
If you’ve spent more than a few years in the IT industry, you probably remember the day when patching was simply about ensuring that your OS–i.e., Windows, or whatever variation your business was using–was up to date. Today, patch management is a critical cybersecurity task–one that’s becoming increasingly complex and time consuming for most IT departments to accomplish as they look to manage patches that extend to many of today’s cloud-based apps– Adobe, Citrix, Dropbox, Google, Skype, VMware and more.
This growing complexity is reflected in the number of organizations that, simply put, are doing it wrong. According to a study conducted by the Ponemon Institute, 57% of organizations that reported a data breach also noted there was a patch available to safeguard against the vulnerability that led to the breach. In other words, more than half of those breaches could have been avoided if the latest patch had been installed.
IT departments are often overwhelmed and understaffed, which is why so many companies turn to IT service providers. However, even VARs and MSPs suffer from patch anxiety. For instance, even if patches were deployed, it can be challenging to know if the updates were implemented correctly on every device and, as a result, whether the patch will protect customers from emerging security threats.
Fortunately, there are ways to relieve this worry, with more effective automation and greater visibility. For example, some remote monitoring and management (RMM) tools allow you to apply patches to an entire network of devices simultaneously.
There are also tools like Barracuda’s Managed Workplace RMM that can make it even easier to stay on top of patch management. The solution includes a patch scanning feature that helps identify which devices need additional patches, or which patches may have been missed during the normal update process.
With this increased visibility, IT solution providers can identify and remediate security issues before a breach occurs. IT solution providers can also fully automate their patch and update management by preapproving, scheduling and deploying thousands of software versions from over a hundred software vendors through a single pane of glass.
There’s more to security than just patch management, of course. Managed Workplace also allows channel partners to assess vulnerabilities with the site security assessment, secure weak points, inspect password policies, detect anomalies, control backups, manage Office 365 accounts and recover data that may have been lost in an attack.
(If you’d like to learn more about Managed Workplace, check out our recent webinar.)
Patch Management Best Practices
In addition to leveraging RMM tools, it’s a good idea to develop a clear-cut patch management process with your customers, for both legacy and new applications.
Manual patch management is no longer sustainable, given the increased pace of cyberattacks. Automation is critical, but there are other best practices to follow, as well. Here are a few of the essential ones:
- Customer subscriptions and maintenance fees should be paid on time.Both SaaS and on-premises solutions often require an annual fee to ensure updates and patches are received. If clients aren’t being billed automatically for these subscriptions, encourage them to