Why patching?

Breaches occur when a vulnerability on a network is exploited.

Stylized claw grasping handle attached to word SOFTWARE

There are two main ways to prevent that from happening:

1. Protect the vulnerability

Stylized brick firewall prevents 2 claws from reaching SOFTWARE, but 1 claw is able to circumvent it

Firewalls and antivirus systems help protect these vulnerabilities, but they're not perfect. Their greatest value is to protect the unpublished vulnerabilities that only hackers know about from what are called “zero-day attacks”.

2. Remove the vulnerability

Stylized claws approach SOFTWARE, but it has no handles for them to grasp

For the vulnerabilities that can be fixed, removing them through patch application is 100% effective. Even if malware did come in contact with the network, it wouldn't be able to do anything.

With over 99% of breaches depending on a published vulnerability, where should your emphasis be?

Patching requires visibility

Most corporate networks are missing large numbers of patches without anyone realizing it. What's going wrong?

The most common issue is that third party patches have been forgotten. Microsoft provides tools for managing their patches, but it's often the other software we use that's vulnerable.

Another possibility is that patches were being applied, but something broke. This can be because the software that applies patches broke, the disk is full, or myriad other issues.

The solution to both of these issues is to have a clear picture of what's happening on a network. This should be done both through periodic, in depth security audits, as well as on a continuous basis through a security management tool that shows you which updates are missing and why they haven't been applied.

A security management tool like the Lithik Security Manager not only provides this visibility, but actually improves security by automatically fixing the vulnerabilities as well.

© 2016 Lithik Systems, Inc.
635 Park Meadow Road, Suite 208, Westerville, OH 43081