Enterprise Patch Management: How To Go About It

Patch management is related to vulnerability management. Vulnerabilities frequently appear in critical client, server, and networking device operating systems and firmware. Application software, especially internet applications and frameworks like Acrobat, Flash, and Java, also are frequently discovered to have vulnerabilities.

Patch management involves all aspects of software patching, including identifying required patches, acquiring, distributing, installing, and verifying that the patch is installed on all required systems. Installing patches is frequently the most effective way to mitigate software vulnerabilities. Sometimes, they are the only way to do so.

Patch management is required by some compliance regulations, such as Sarbanes Oxley (SOX) and the Health Insurance Portability and Accountability Act (HIPAA). Failure to implement patches in a systematic and timely manner could result in audit failure and penalties for non-compliance.

Patch management depends on asset management data to identify systems that are running software that requires patching. Patch management software is available from companies such as SolarWinds and LANDesk.

Microsoft System Center Configuration Manager (SCCM) is an enterprise-level tool for the automated distribution of patches to a large number of Microsoft Windows workstations and servers.

Image is a screenshot of the SolarWinds Patch Manager summary screen. Shown in the screenshot are a list of Nodes Managed by WSUS Servers, a pie chart showing the Operating System Overview, by vendor and type, a pie chart showing an overview of Desktop Note Health, a list of all patches available grouped by company titles and severity. A pie chart showing the Top Ten Patches Missing, with a list of the patch names and the number of nodes missing the updates.

Patch Management Techniques

This requires a software agent to be running on each host to be patched. The agent reports whether vulnerable software is installed on the host.

The agent communicates with the patch management server, determines if patches exist that require installation, and installs the patches. The agent runs with sufficient privileges to allow it to install the patches. Agent-based approaches are the preferred means of patching mobile devices.

Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained includes staffs of Dangote Refinery, FCMB, Zenith Bank, New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.

I know you might agree with some of the points that I have raised in this article. You might not agree with some of the issues raised. Let me know your views about the topic discussed. We will appreciate it if you can drop your comment. Thanks in anticipation.

Fact Check Policy

CRMNUGGETS is committed to fact-checking in a fair, transparent and non-partisan manner. Therefore, if you’ve found an error in any of our reports, be it factual, editorial, or an outdated post, please contact us to tell us about it.