To patch or not to patch, that is the question.

02 Jun

By: Markus Witcomb

Our systems are working fine as they are, so we have no need to install patches. Right?

It seems like a silly question, not to mention an easy challenge to win. You may be surprised – especially when it comes to the IT security necessity of patch management.

Here are five patch management myths you may have heard. Now it’s time to demystify them.

1. Patching is a massive undertaking

IT pros who treat patching as routine maintenance have nothing to fear. If you are diligent in treating possible vulnerabilities, patching resembles a chore rather than a lengthy, time-consuming project.

People think patching is all-encompassing. It’s not. At least not when you stay on top of it.

2. Rollback is vital

Contrary to popular belief, rollback – automatically uninstalling patches – is not necessarily necessary. Confused? Don’t be. Rollback is only important if you are deploying an untested patch to your production network.

The reality is that you shouldn’t be deploying untested patches in the first place. When a patch is deployed, you should know exactly how it will act in your environment – because you’ve tested it.

3. Small businesses must have a test machine

This may seem to contradict the previous busted myth; many small businesses can’t afford to duplicate a production server for testing purposes. Creating a virtual machine (VM) that serves as a trial operating system is worth exploring.

Basically, you’re creating disposable test machines. You can’t keep them in a test environment because as soon as the trial period runs out, they’re no good. But you can re-arm them to test patches against the environment.

Again, this doesn’t create a perfect duplication of your server; there is hardware to consider. But if your financial resources are limited, virtualization comes close so you can test patches.

4. New patches are out and they need to be installed – now!

Slow down. Just because a patch is released doesn’t mean you have to install it immediately.

You have time to test and research. If you can’t test it yourself, wait to hear from people who post feedback on IT security websites, blogs and forums.

Determine how long it will take to uncover the answers you need. It will help you establish the amount of time that’s on your side.

5. ‘It can’t happen to me’

Cybercriminals want you to adopt this mentality. They’re looking for users who believe they’re too small to matter, and therefore fail to patch their systems regularly.

Hackers look for vulnerable networks: the low-hanging fruit.

You, therefore, need to raise your awareness. Dispelling common patching myths is a smart start.
