Patch deployment best practices: Rushing patches isn't always better
This article is part of the September 2004 issue of Information Security magazine
Are you a procrastinator? If so, you have plenty of time to put off installing Service Pack 2 for Windows XP. In fact, consider this an opportunity to rethink patch deployment best practices altogether. But this really isn't procrastinating; it's being prudent. Unless there's a worm slamming your perimeter, you shouldn't ever rush to deploy patches, hot fixes or service packs.

SP2 is no exception, despite unquestionable security benefits: the default-on firewall, secure browsing and e-mail settings, and better malware resistance. This is no ordinary service pack installation; it's akin to a full upgrade. SP2 is massive: the enterprise version weighs in at more than 266 MB, and the home version is about 80 MB. Given its complexity and the inevitable application conflicts and snafus, most shops are waiting until they've completed their own testing or seen the snags hit by early adopters (see NewSCAN). As a colleague of mine said, "I never met a service pack that I wanted to blindly deploy." Let's face it: No one runs a pure ...
Features in this issue
Despite heightened post-9/11 security awareness, the U.S. is exposed to numerous critical infrastructure threats.
Emerging Web app security services and products bring source code vulnerabilities to light, writes James C. Foster.
Offshoring is good for business, but lax security practices can torpedo your investment.
Columns in this issue
Would you tell your enterprise security secrets if you could hear others? Lawrence Walsh explains why he thinks communication in the security field is lacking.
Measuring risk and forming best practices rely on learning from past experiences. Analyst Jay Heiser explains how security tactics in the past echo in today's world.
Do you rush to deploy patches, hot fixes or service packs as soon as possible? Victor Garza explains why this may not necessarily be the right decision.
See why Watchfire's acquisition of Sanctum does not spell the end for web app security.
The information security officer will soon go the way of the dodo bird.