A few weeks ago, I woke up one morning to discover that Android had 34 software updates waiting for me. This was followed by my laptop wanting to reboot after installing the latest patches from Microsoft; my tablet needing a reboot after its latest firmware update; and my server screaming for me to put “yum” into action to install the latest patches available from Red Hat – all before 10:00 am in the morning!

With all of the technology we have today, installing software updates has become a near-daily activity. That statement is true for all professionals in the technology industry, especially those who handle patch management for large-scale enterprise IT systems.

Understanding the Patch Management Process

Recently, Tripwire’s Vulnerability and Exposure Research Team (VERT) wondered how organizations might be handling the influx of patches, so we decided to conduct some research on the topic. Not surprisingly, we found that many organizations are having trouble keeping up with the vast number of patches constantly being added to the work queue.

To many, installing a patch might sound easy. It’s just the simple click of a button, right? Not really. Patch installation difficulty varies across platforms, ranging from the most trivial of installation methods (clicking a button) to complex scenarios involving delicate sequences of events.

However, patch installation difficulty is not the only variable in this equation. Patch testing is another critical piece of the puzzle and, along with scale, is one of the more challenging aspects of patch management in the modern world of enterprise IT.

1. Refine Your Pre-Deployment Patch Management Procedures

Enterprises cannot go about installing patches blindly without understanding potential impacts of the change brought by a patch. Patches have a history of breaking things, and when things break in the enterprise, chaos ensues.

In (Read more...)