Save Yourself Now: Develop a Patch Management Process

Email this Page Share This Page

1/26/12

Abstract:

Patching is essential to securing computers on a network, regardless of industry. Installing a patch will plug a known security hole or address functional issues. Normally you would install patches as soon as they are available, but in some industries this is not always possible, or even recommended. In the case of industrial control systems, an untested patch could make systems unresponsive or shut them down unexpectedly. However, choosing not to patch weakens your security posture and allows easier access for malicious attacks. Reduce your risk of compromise and unintentional down-time with these four best practices.

Authors:

• Steven Wirt, Security Engineer, FoxGuard Solutions
• Mark Trump, Application Engineer, FoxGuard Solutions

Here’s a four step plan to successful patch management:

1. Select a patch management solution.
2. Create a backup and recovery plan.
3. Validate patches.
4. Implement a phased rollout.