In 2020, there were more than 18,000 software vulnerabilities reported publicly. That number has grown exponentially as we navigate a new digital era of cybercrime, and it equates to lots of software patching. It seems every week we are managing critical security patches that, if ignored, can cause serious vulnerabilities to business data and productivity.
This problem can be further exacerbated by the fact that patching, often the fix for “functional bugs”, can create new problems, sometimes breaking the functionality or disabling a device altogether.
So what is a business to do? Should you manually patch machines or skip the process altogether leading to vulnerabilities or inefficiency?
If you are a managed IT Services client with TechSeven, patch management is one of the most important services you receive. Because patches are created by and for the software companies you use, we cannot control their impact on your office environment, but we can help lessen negative effects with a proper patching lifecycle and assistance with issues as they arise. Read more about what patching is, where it comes from, and how we can help.
WHAT IS A PATCH?
A patch is a piece of software code that can be applied after the software program is installed to correct an issue with that program. Most software programs may have several patches after their initial release.
Software vendors issue patches for two main reasons:
1. To fix functional bugs to improve the functionality, usability, or performance of a program.
2. To remediate security vulnerabilities that could be exploited by hackers. (computer hope)
WHAT IS PATCH MANAGEMENT?
Definition: The systematic notification, identification, deployment, installation, and verification of operating system and application software code revisions. These revisions are known as patches, hotfixes, and service packs (NIST).
Here is what the Patch Management process looks like:
- Track patch releases – Stay abreast of patch releases from vendors whose software your business uses.
- Scan – A scan of all endpoints (servers, desktops, and laptops) is run to see if any software requires recently published patches.
- Acquire – Patches are acquired from the software vendor.
- Test – Test the patches in a test environment before deploying them.
- Deploy – Deploy patches to production systems based on predefined policies.
- Validate – Monitor patches and correct any errors or issues they may have caused to your systems or applications.
- Report – Report on updated systems and fixes. (Kaseya)
WHAT CAN I DO TO MAKE PATCHING A SMOOTHER PROCESS?
We are so glad you asked! Leaving your computers on is a key procedure we ask your team to adopt. Shutting your computers and laptops down can cause patches to be missed and future deployments can possibly disrupt production hours.
So what do we mean by Leave your Computers on?
- Do not Power down machines like workstations or laptops after hours.
- Close all programs or apps (this includes practice management software for medical/dental practices).
- Do not use the settings “hibernate” or “go to sleep”.
- Leave laptop lids open or change your power settings to “do nothing” when the lid is closed.
- Lock your screen for security and make sure your password is strong for access.
Patches are a necessary function of your business, and although we cannot eliminate the pain of them altogether, a good patch management lifecycle executed by IT professionals can definitely reduce the burden of this process.
We encourage you to reach out to our tech team at 803-327-6434 with any questions regarding patching or other technical services. We appreciate your partnership and the trust you place in our team.