Commitment to patching pays off

We push and pull our computers in directions they were never meant to go, all in the name of increased productivity. In return, the least we could do is defend them against viruses and worms and vulnerabilities. But we tend not to.

Properly done, patching requires a lot of commitment and thought, as the number of fixable vulnerabilities out there is staggering.

“I would say that the majority of the vulnerabilities that we are looking at today have patches that are available,” said Dan McCall co-founder of Guardent Inc.

in Waltham, Mass. That number is probably on the order of 80 to 90 per cent, he added. “Very few vulnerabilities out there in the wild…don’t have patches.”

Patching is a huge problem and it is going to get worse, said Brian O’Higgins, CTO with Entrust Inc. in Ottawa. “And we are losing and falling further behind,” he said.

To reverse the trend, you first need to get a handle on what you are up against. Once the network and its attributes are properly mapped – and going to outside for help in this is not a bad idea – it is time to prioritize the data and applications.

Peter de Jager, an IT consultant based in Brampton, Ont., said all corporate data has to be placed into a security level. Usually four levels provide enough latitude; going from top security at a need-to-know basis down to public access information.

Almost all vendors have subscription-based patching and vulnerability services. When a new vulnerability and accompanying patch is available you

will be e-mailed with a notice. O’Higgins also suggests monitoring third-party Web sites that are devoted to security. There are dozens with update bulletins, of which CERT and SANS are just two.

“Then patch based on mission critical prioritization,” McCall said. “If you don’t have the expert on staff, there are resources out there that you can tap into.”

Once a patch is deemed necessary and properly tested against your applications then, and only then, should it be installed.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Empowering the hybrid workforce: how technology can build a better employee experience

Across the country, employees from organizations of all sizes expect flexibility...

What’s behind the best customer experience: How to make it real for your business

The best customer experience – the kind that builds businesses and...

Overcoming the obstacles to optimized operations

Network-driven optimization is a top priority for many Canadian business leaders...

Thriving amid Canada’s tech talent shortage

With today’s tight labour market, rising customer demands, fast-evolving cyber threats...

Staying protected and compliant in an evolving IT landscape

Canadian businesses have changed remarkably and quickly over the last few...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now