Inc: Patch Magic: When to Download a Security Fix

/Home/Internet Security: Articles/Internet Security: Inc

Is it in a business' best interests to implement every security patch an operating system or software manufacturer sends out? And should you deploy patches manually or via an automated patch management system? Here's how to decide.

APRIL 1, 2008
by Joel Keller

Security isn't exactly the most glamorous job in IT, but someone has to do it. After all, servers constantly face an onslaught of hazards, from viruses to worms to denial-of-service attacks, which can bring them -- and your business -- down in a flash.

Software manufacturers, especially Microsoft, aren't helping, finding vulnerabilities and sending out critical patches faster than security managers can deploy them. Which leaves IT departments in a quandary: update servers as soon as a critical patch comes out or wait until the patch is thoroughly tested? Choosing the former can cause applications critical to your business to stop running, but doing the latter, especially if you start falling behind, will leave your servers and network vulnerable to attack.

Whether an IT shop deploys its patches manually or via an automated patch management system, the key to not be buried under a virtual mountain of updates is to have a consistent and well-documented update process. In addition, standardized and hardened server configurations have help security managers keep up.

Click the URL above to read the full article