Dresner Group Blog
Tip of the Week: Best Patch Management Practices
Patches are a critically important aspect of your technology. As a result, you need to be sure that yours are managed properly. We have three tips to share so you can optimize your patch management processes.
Create Procedures for Both Routine and Emergency Patches
Many patches are released on a predictable schedule, so as to make it easier to keep up on patches - after all, if you know that a patch is going to be released on a certain date, you can set aside time to apply that patch. There are also emergency patches that are released when a vulnerability is discovered and remediated.
As you might imagine, both are important to maintain - one, to keep your business as free as possible from vulnerabilities, and second (and perhaps more obviously), to keep your business secure in the face of an impending threat. That’s why you need to make sure you have set processes in place to ensure that all patches are tested and applied. While it may not always be a pressing security issue, it is better to be prepared for anything that the vendor is concerned about.
At Dresner Group, we always build out and update our procedure, and test updates before they are applied to prevent downtime and other issues. It’s all about working smarter, not harder.
Have a Controlled, but Realistic, Environment for Testing Purposes
Let me ask you a hypothetical question: someone comes up to you on the street and offers you a pill that would make you immune to the common cold, but with no peer reviews by any medical board or the FDA. So, do you take it?
I would hope you would say no, simply because you have no idea of the effectiveness of the pill without it having been tested. Patches are the same way. Without any testing, you simply don’t know how well the patch will work, or if it will interfere with another process. Before you apply any patches to your primary infrastructure, you need to have made these evaluations in a reasonable approximation of it. An effective means of doing so is to spin up a virtualized environment and stress-test the patch there, before actually applying it - just make sure you give your tests enough time to produce trustworthy results.
Keep Track of When Patches Are Released
Depending on the hardware and software you use, patches are going to be released on a different schedule. This is because different manufacturers and vendors manage their schedules differently. Just look at Microsoft and their famous Patch Tuesday (typically the second and sometimes the fourth Tuesday of each month). In order to properly keep your patches up-to-date, you need to know when to expect them.
For assistance with your business’ patch management, you can always turn to Dresner Group. Give our professionals a call at 410-531-6727.