Five tips for effective patch management
According to data from the FBI and Carnegie Mellon University, more than 90% of all security breaches involve a software vulnerability caused by a missing patch that the IT department already knows about. Even the SQL Slammer worm, which caused IT managers across the globe plenty of headaches, could have been avoided if a patch that was available six months earlier had been applied. Just ask the Bank of America and the U.S. departments of Defense and Energy, among many others, about the pain it caused.
If IT departments know about these risks ahead of time, why do these vulnerabilities exist? It's because the manual process of patching the thousands of workstations and servers in their environments is nearly impossible. Gartner estimates that IT managers now spend up to two hours every day managing patches. And when Microsoft alone issues a new security patch about every fifth day, how can anyone keep up?
[ Read more ]