Liberty Computer Services
Tel: 01733 302970
All companies must rely upon data for business transactions, accounting, reporting, human resources, eCommerce, or marketing. The more accessible the data is made by
technology, the greater the risk of it being disclosed or modified by an unwanted source. Security controls are only effective if there is no means of circumventing them. If a
vulnerability exists that enables someone or something to bypass one set of security controls, then potentially all other security controls around that system could then be rendered ineffective.
In the software world, rarely, if ever, is an application developed without having the need to be corrected, upgraded, or modified. Because of this, a process must be developed
as part of the software lifecycle to regularly distribute patches to fix such issues. Errors can exist in functionality, configuration, compatibility with other systems, and even in architecture, which all have the possibility of creating vulnerabilities. The need to make software systems available for a business should be coupled with the need to ensure that these systems are running securely and efficiently. The following quote from the Burton Group illustrates how vulnerable systems can be exploited if they are not patched:
“Large numbers of vulnerable systems exist today, predominantly because the designers and implementers of those systems, or components of those systems, are unable
or unwilling to produce systems that are free or close to free of those vulnerabilities. A large number of attackers have the skills required and discover these vulnerabilities at a significant rate. Once found, automated attack programs are implemented to exploit vulnerabilities and are widely distributed. Attack programs can then be launched by multiple individuals to cause significant harm to vulnerable systems, and can also be integrated with viral spreading mechanisms for rapid global distribution. The result of this combination of threats, vulnerabilities, and consequences is significant risk to large enterprises and the global computing environment.”(Cohen, 2004)
Patch management is a process that must be done routinely and should be as all encompassing as possible to be most effective. In a network of hundreds of systems, all it
takes is one machine to become compromised to open the door for multiple other machines to be compromised as well. This is not to say that all systems should be treated equally; each company should prioritize its assets and protect the most critical ones first. But that being said, it is important to ensure patching eventually takes place on all machines and not just the most valuable to the company. Patching will not only require the effort of system administrators, but also requires the business’s support as well to agree upon a specific maintenance window. Patch management plays an important role in upholding a good enterprise security posture but it should not be treated as the solution for all security vulnerabilities. Having multiple security controls, of which patch management is a part, is the most effective means of protecting against potential threats.
(c) Sans Institute 2007, Brad Ruppert
Copyright © 2017 Liberty Computer Services Ltd. Company Registration Number: 10691515, VAT Registration Number: GB267611002
Designed by Liberty Computer Services Ltd