IT security: patching makes perfect

Sascha Giese, Head Geek at SolarWinds, explains how patch management can help keep public sector IT systems watertight

The increasing risk of cyber attacks has led to IT for central government departments identifying exactly where they need to prioritise their security, and one area that may not have always seemed immediately obvious is keeping systems patched. Specific security measures such as firewalls and antivirus software are crucial, but ensuring that patches are implemented when they become available is just as important when it comes to maintaining government cybersecurity standards.

As one of the key topics being discussed at this year’s CYBER UK event, patching is something that government organisations in particular are beginning to focus their attention on. Patch management solutions can be the answer for many, as these take away the need to manually patch every application and system, with automation taking care of the major workload.

No patch, no problem?
Every organisation, public or private, relies on software more than ever before. As the amount of software in use increases, so does the number of updates that need to be integrated to keep the systems functioning optimally. Part of these patches usually include security updates provided by the manufacturer to ensure that their software isn’t vulnerable to attack. Patching is usually a manual process, meaning that when patches become available, IT teams are integral to making sure they’re rolled out to every device that needs them. However, manual patching can be a lengthy process and can sometimes fall down the list of IT priorities.

If there are holes in your security, it won’t take a complex attack to break through your defences. A simple form of malware can infiltrate your systems, causing potentially irreversible damage. Software vendors such as Microsoft® release patches whenever an update is required, sometimes in response to a specific problem identified by users; for example, after the WannaCry ransomware attack in 2017. If IT teams patch the systems quickly, security vulnerabilities can be avoided. But anyone who leaves patches for several weeks is risking their organisation’s data and network security.

Automation is the answer
Patch management solutions offered by third-party businesses automate patching within an organisation to ensure that patches are integrated as soon as they’re available. The software works to keep patching on schedule and delivers patches across every device that requires the update. Though it works in the background, this solution can make a huge difference to an organisation’s security. It should typically take care of the majority of patching using automation, by handling all of the widespread patches required by the majority of users, such as a patch from Microsoft. In doing so, the workload for internal IT teams is reduced, thereby allowing employees to focus on areas of the organisation that require human input. While this will include a range of areas, it particularly frees up time to work on individual patches in more specific instances, such as for unique software that only a few members of an organisation have access to.

Patch management is hugely beneficial to organisations because it can cover more software quicker and easier than an employee could. If the IT department supports a Firefox browser, for example, it will manually roll out any patches that are available for Firefox; however, if any employees use Google® Chrome instead, the IT team may not be aware of this, and therefore wouldn’t manually patch this. A patch management solution can help to organise patching requirements and can make it easier to set up automatic patching for more software than just the basics. Any new software for patching simply needs to be added to the solution and it will thereafter be patched automatically. It can quickly address any software vulnerabilities and should provide dashboards that give full visibility to the entire management process so IT teams can view the latest available patches, as well as the general health of their IT environment.

With all of this information to hand, public sector IT teams will no longer need to worry about whether their third-party software has any holes in its security, as they can be confident that the patch management software is keeping everything up to date at all times. And with more time available to identify and manually implement more unique patches, employees can ensure every defence is in place to keep security watertight.