TechTarget

IT managers overwhelmed by patch work

The number of patches required to update security products over the past 12 months has proved so overwhelming for IT managers...

The number of patches required to update security products over the past 12 months has proved so overwhelming for IT managers that the process is now decreasing - rather than increasing - network security.

A study conducted by managed security service provider Activis, a UK subsidiary of the German company, Articon-Integralis, found that security managers at a company with an IT infrastructure comprising eight firewalls and nine servers would have had to make 1,315 updates to those systems in the past nine months alone; the equivalent of five updates per working day.

That number is based on the total number of updates and patches released during that period by some of the major software and security vendors.

John Cheney, managing director of Activis, said the study looked at a typical configuration used by most companies. These included Microsoft's NT Servers, SQL Server and Exchange, Checkpoint Software Technologies's firewall products, Sophos's antivirus applications and Internet Security Systems's RealSecure network and server scanners.

Although most software vendors advise companies to install every patch that is issued, Cheney observed that it was unrealistic to expect an organisation using hundreds of servers to update every server with every new patch.

If installing patches and updating systems for security vulnerabilities overwhelms IT managers, Cheney recommended that they start with public-facing systems such as Internet sites and Web portals.

And while companies like Microsoft have addressed the problem of patch management by releasing automated tools, Cheney said that automated installation and downtime related to rebooting servers after the installation of patches are still major challenges for the security industry.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close