The Patching Challenge White Paper

Keeping systems and applications up to date is vital defence against cyber-attacks - A staggering 93% of reported successful cyber-attacks could have been prevented by deploying readily available software patches and approximately 80% of publicly known vulnerabilities have patches available. The most common vulnerabilities are in fact application-based vulnerabilities as opposed to operating system vulnerabilities........ To continue reading how to implement or improve your patching regime, download the white paper now

Central to your Cyber Security Strategy is ensuring that your Operating Systems and the Applications running on them are kept up to date. Security patches are being released on an ever more frequent basis and keeping systems up to date requires robust planning and scheduling.

Good practice suggests that Operating System patching and Application patching should be carried out on a regular basis to avoid critical downtime caused by a Cyber Security Breach.

The implications of which are not only inconvenient, but bear both direct and indirect financial cost from loss of system access and potential industry fines.

Recently Talk Talk, DSG, Equifax & Cathay Pacific to name just a few - were all fined £500,000 for security failings that led to data loss including customers’ details - each time the ICO referred to inadequate patch management. The hacks would have been preventable if a robust patching policy was in place.

Benefits Of Outsourcing Your Operating System And Application Patching

There are many benefits to outsourcing your Operating System and Application Patching to PalisadeSECURE which includes global reach, real-time online reporting, stakeholder management, accountability and a passion for delivering exceptional service 24*7*365 - Everything included to deliver an affordable, dependable full service

Operating System Patching

Our team at PalisadeSECURE are experienced in deploying security patches across a number of Operating Systems including:

Microsoft Windows – server and desktop operating systems

Linux – including Red Hat, Centos and Debian

Operating System patching used to be fairly straight forward, particularly as Microsoft has a straight forward update release process. However, over the past few years we have seen the number of critical patches released has increased as well as break with release protocol where the risk has been deemed particularly high.

In a complex, multi-operating system server environment you have many challenges, including server ownership, stakeholder communication and end user expectations to take into consideration when approaching your strategy.

PalisadeSECURE work with you and the stakeholders to ensure that patches are delivered in a timely fashion while minimising risk and downtime to the business.

Application Patching

Application Patching, like Operating System patching is a critical part of the your patching policy. However, the additional risk and complexity involved means that extra need needs to be taken whilst understanding and deploying application patches. The negative impact to your business or organisation is high if your strategy is not sensitive to the extra requirements and processes that should be in place to ensure successful delivery of application patching.

This can be as simple as understanding how an application patch will behave with other applications and services running within the environment or ensuring that the communication plan includes all stakeholder, including development and support teams so they have an oversight upon potential issues that may occur.

Apart from propriety applications such as Adobe Suite, Microsoft Office and Java, PalisadeSECURE are experienced in patching bespoke or complex applications such as SWIFT, Oracle, Microsoft SQL and Exchange.

Hyper-Visor Patching

Hyper-visors such as VMWare ESX, Citrix XenServer and Microsoft’s Hyper-V have fast underpinned many fast growing infrastructure environments and provided the catalyst for cloud operating platforms right across the globe.

Central to any Cyber Security Strategy should be to understand that Hyper-visors are a critical part of the infrastructure that requires the same level of oversight as Operating System and Application patching.

PalisadeSECURE understand the complexities of virtual environments and can design and deliver a robust and effective Hyper-visor patching deployment program.

Our experienced technical staff understand the impact and complexities around Hyper-visor patching either stand-alone or as part of a broader patching policy.

Operating System Upgrades

Equally as important as patching your operating systems and application is keeping your operating systems up to date. When new operating systems are released the clock starts ticking and you are obligated to upgrade before the support runs out.

Of course, this is and has always been optional but in today’s environment how optional is it? As soon as support for the operating system stops, so does the release of security patches (unless of course in very special cases such as the WannaCry outbreak).

In a complex environment, upgrading your operating systems can be a huge project with the huge budget that goes with it. From scoping to resourcing to the impact on the business, these are costs that can easily escalate.

This is where PalisadeSECURE recognise the critical importance of upgrading your operating system as part of a robust Cyber Security Strategy. The benefit of understanding this means that we can factor this into the services we provide.

PalisadeSECURE can optionally factor in Operating System Upgrades as part of our ongoing service. So rather than being on the back foot, we can help you be on the front foot and plan your operating system upgrades and provide a road map way in advance of critical support expiring.

Together with an End of Life program, ensuring software is kept up to date with the right planning, provides you with a good foundation for keeping your environment secure.

BIOS Updates

The risk and impact of running BIOS updates has the potential to cause infrastructure teams much pain because of the type of change a BIOS update can have on the hardware and the way the software can react.

Ensuring an approach that matches the risk is adopted is critical to running a successful BIOS Update program.

PalisadeSECURE have the experience and expertise to ensure that the risk and impact is minimal. Running BIOS Updates as part of a robust Cyber Security Strategy is an important part of minimising the potential of a security breach.

Additional Support Services

Depending on the level of service and type of involvement our team has within your environment, our resources can be used to provide additional support where opportunities are identified.

For example, you may require additional oversight of your anti-virus policy or help to roll out specific applications alongside your patching windows.

PalisadeSECURE recognise that from time to time we are in a position to provide additional support services where they have been identified as a benefit.

End Of Life Management

End of Life Management forms part of a forward thinking robust Cyber Security Strategy. As soon as software is out of date, it poses a real threat to the environment it resides in. Thinking ahead and understanding your risk profile helps you plan for eventual upgrades and identify areas that can be consolidated or decommissioned.

Being close to your environment, PalisadeSECURE are able to play a pro-active or complete part in your End of Life Management Strategy.

Working with internal and external vendors PalisadeSECURE can keep a close watch of End of Life.