Patch management advice and tips
I understand that patching is absolutely essential in keeping a network safe. Can you recommend some tips and best practices for keeping up with such a tedious and time consuming task?
Schedule a monthly date within your organization for updating systems. Designate a given date once a month as a patch/upgrade day for all system administrators and even users. That way, you'll have more coordination and control over patches. But, be aware! On your monthly update day, have your IT staff ready to roll in the event of an emergency. A patch could break an application, certainly. But with a controlled day of the month, your staff can be on red alert for problems. Instead of randomly scheduled updates with their random problems, you'll be much more prepared with one day per month.
Also, if you are a big Windows environment, educate your users that Windows Update is their friend. Have them surf there on a regular basis to make sure they get all critical updates. Alternatively, if you prefer having more direct control over their patch levels, consider deploying a patch management solution, such as Microsoft's own Software Update Services (SUS), available from Microsoft at no additional charge. SUS works wonderfully, but is limited in that it currently only deploys Microsoft updates, and not third-party updates.
For more info on this topic, visit these SearchSecurity.com resources:
Pre-register for this LIVE webcast on Feb. 17 at 1 PM ET: Expert's guide for effective patch management
Information Security magazine February 2004 Expose: A Patch in Time
Information Security magazine February 2004: Patch management tools
Featured Topic: Best practices for patch management
This was first published in February 2004