There has been a lot of buzz in recent months around patch management. The ability to centrally manage and deploy patches across a network ensures that network security stays up-to-date. Asking individual employees to be responsible for their own PCs introduces a much greater chance of human error. Since systems management is not the employee’s primary job responsibility, the application of critical patches is easily postponed, often neglected, entirely forgotten or performed incorrectly.
Worms like Slammer are unkind teachers to those who have not applied appropriate security updates or downloaded the latest virus definitions. Slammer successfully made its way through many businesses exploiting an unpatched vulnerability in the businesses’ MS-SQL systems bringing collective corporate networks to their knees.
A good systems management tool will allow the central administration of the software patches to prevent unnecessary exploitation of software holes. There are three very basic steps to patch management – assess the vulnerabilities and identify patches, then test the patches and finally deploy them.
Evaluating the Costs of Manual Security Management
To evaluate the worth of a centrally managed security system, one must look at the management and opportunity costs associated with a manual approach. Manual management of security requires either some kind of low-level IT staff at each location or the time of the organization’s employees to deploy and maintain a system. The sum total of time that individuals or low-level IT staff must spend deploying their own security software, patches and security updates is growing exponentially with the number of patches that are being released every month and the number of people the organization employs. For many large organizations, a systems management tool has paid for itself after just weeks or months of use.
By using such a tool to centrally manage deployment, you eliminate the need for low-level IT staff at the various locations and free up time for employees who were previously in charge of maintaining their own systems. In addition, automated and tested procedures that a systems management tool offers, establishes a consistent level of security and eliminates the need to correct errors. Finally, in the event of a virus threat or an actual attack on the company’s IT infrastructure, a systems management tool pays for itself almost immediately – all the servers and PCs across the organization can be patched at once. If there is a damaged system, it can be rebuilt quickly and from a central location.
Simply put, the only secured infrastructure is a managed infrastructure. Combining systems management with security technologies from the cradle to grave decreases the chances of a major security breech. It is the insurance a network needs to keep infection-free in the ever-changing world of technology.
Thom Bailey is the Director of Product Management within Symantec Corporation's Enterprise Administration Business Unit.
Oliver is a Product Manager at Symantec's Enterprise Administration Business Unit, where he is one of the driving forces to merge IT systems management with IT security.