Talk to any IT administrator and mention the word patching and watch how their eyes roll to the back of their head. For many years the concept of patching had included ample time for preparation: including testing notification and documentation. In today’s world where every platform, application, and even chipset has a vulnerability – patching has become a daily concern.
At the fundamental heart of patching is the concept of change. That change introduces unknowns of its own, process issues, and additional work. You will often hear the term “patch fatigue” which refers to the large amount of updates that companies need to keep up with on an almost daily basis. Patch management has grown into burdensome component of IT management. Whether it’s the sheer number of devices, concern on the impact of that change, or the simple downtime required for the patch itself – all these issues and concerns highlight the perils of patching.
From a security perspective, and speak with any person involved in security field and they will inevitably say “patching is a core component of our strategy”. It’s easy to say those things when you’re at the top of the hill. Pulling the fire alarm for every known patch, not only every 0 day vulnerability wears thin on not only the IT organization but also users. We are constantly looking for malware, viruses, and other gaps in our security strategy. For the last several years we, as an industry, have focused on finding the bad guy. The problem with that is that the bad people have access to the same great technology, the same smart people, and more money than you have. You have to be perfect, 100% of the time, they only need to be right once. Fundamentally we are trying to quantify, identify, and catch something that is constantly changing. If you’ve gotten this far in the article I want to introduce you to a very simple concept – you know what is good in your environment, you know what applications are working, you know what’s good – just protect what you know to be good.
In the past it has been difficult to protect what is good. Certainly we knew if an application was unknown we could stop it. In this day and age of smart malware writers they understood that story. Those same smart malware writers decided to attack once the door had been opened, once the application had been loaded, that was their opportunity. In many cases once an application is started and running most security products do not look at it again. Now there is a better way.
Ask yourself why is it that you patch your machine? Is it to increase productivity, maybe? Is it to take advantage of new features, perhaps? Is it to fix a hole in security that offers zero benefit to your business, to your customer, and ultimately your bottom line. While patching is an important component of your security strategy, does not have to consume your valuable time and resources. There are options to patching. Digital immunity gives you a way to protect what you know to be good. Good software keeps running – let it keep running.
Let us show you how to avoid the “Perils of Patching”.
Want to give Digital Immunity a try?
Click here for more information and to request a software demo.