{"id":5471,"date":"2016-10-05T18:44:12","date_gmt":"2016-10-05T17:44:12","guid":{"rendered":"https:\/\/www.n-able.com\/?p=5471"},"modified":"2021-04-06T18:49:30","modified_gmt":"2021-04-06T17:49:30","slug":"five-steps-easier-patch-management-process","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process","title":{"rendered":"Five steps to an easier patch management process"},"content":{"rendered":"<p>Patching your systems isn\u2019t something that the average IT admin wants to do. It\u2019s a dull task, and it risks disrupting IT services and causing trouble. It\u2019s also\u00a0<a class=\"ext\" href=\"https:\/\/www.asd.gov.au\/infosec\/mitigationstrategies.htm\" target=\"_blank\" rel=\"noopener noreferrer\">one of the most effective, government-mandated ways<\/a>\u00a0to stop intruders getting into your infrastructure. So if you haven\u2019t already, it\u2019s time to step up, take your medicine and hold your nose\u2026 and get your patch management process under control.<\/p>\n<p>Statistics suggest that many companies haven\u2019t patched their software properly for a long time. In its\u00a0<a class=\"ext\" href=\"https:\/\/www.thehaguesecuritydelta.com\/media\/com_hsd\/report\/57\/document\/4aa6-3786enw.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">2016 Cyber Risk report<\/a>, HPE revealed that the top 10 vulnerabilities exploited by attackers were over a year old (and almost half of them were five years older or more). This tells us that there are plenty of unpatched products languishing on desktops and servers today, broadening the attack surface substantially.<\/p>\n<h3>Patch management best practices<\/h3>\n<p>Those products aren\u2019t just core Microsoft ones, either. It\u2019s easy to take a high-level approach to security patch management, relying on Microsoft\u2019s patch Tuesday and calling the job done. The reality is more complex. At the time of writing, NIST\u2019s\u00a0<a class=\"ext\" href=\"https:\/\/web.nvd.nist.gov\/\" target=\"_blank\" rel=\"noopener noreferrer\">National Vulnerability Database<\/a>\u00a0shows 4,315 vulnerabilities in total between January and September 2016. Just 367 (8.5%) of those were Windows vulnerabilities, while slightly more were vulnerabilities in Adobe products. Oracle products accounted for 520 (12%) of the total. If you\u2019re using a multi-vendor application portfolio, there will probably be many holes to seal.<\/p>\n<p>So, how can you manage this rats\u2019 nest of software patches effectively, when dealing with limited resources? Here are five steps to bring your security patch management up to speed, and keep it there.<\/p>\n<p>1\/ Evaluate your portfolio<\/p>\n<p>You won\u2019t be able to do much without a solid software inventory first, so that you know what you\u2019re dealing with. Using decent<a href=\"https:\/\/www.solarwindsmsp.com\/products\/rmm\/use-cases\/it-asset-discovery-tools\">\u00a0IT asset management software to discover<\/a>\u00a0and baseline your installed software is crucial (and it will also help you with license compliance).<\/p>\n<p>Once you understand what you have, build a list of open issues that require patching. Vulnerability assessment software can help here by identifying relevant vulnerabilities in its own list or in the NVD.<\/p>\n<p>2\/ Prioritize your patches<\/p>\n<p>IT admins\/technicians probably won\u2019t be able to patch all of these things at once, because patches typically have an impact on the IT resources involved and may even involve a system restart. Prioritizing patches to deal with the critical vulnerabilities first can at least mitigate the largest risks and set you up to deal with the smaller risks over time.<\/p>\n<p>Another overhead to consider when\u00a0<a class=\"ext\" href=\"https:\/\/www.solarwinds.com\/patch-manager\" target=\"_blank\" rel=\"noopener noreferrer\">patching software<\/a>\u00a0is the effect of the patch on the target application and on other systems that it interacts with. The dangers here are real. Microsoft has\u00a0<a class=\"ext\" href=\"https:\/\/redmondmag.com\/articles\/2014\/11\/20\/explanation-for-azure-outages.aspx\" target=\"_blank\" rel=\"noopener noreferrer\">brought Azure to its knees<\/a>\u00a0in the past by failing to follow adequate patching procedures.<\/p>\n<p>In an ideal world, administrators will test patches to identify any adverse effects before deploying them. Virtualized systems can make the testing process a little easier.<\/p>\n<p>3\/ Create consistency<\/p>\n<p>Once you\u2019ve tested your patches, ensure that they\u2019re rolled out consistently via a single channel. This can be harder than it looks. In an unrestricted IT infrastructure, patches can be deployed by specialist patch management servers, or by update functions within a vendor\u2019s own product. Users can pull down patches independently, or attempt to block deployment on their machines.<\/p>\n<p>IT departments need to set and enforce policies that keep everyone on the same page. Consistency is key here to avoid the installation of untested patches or partial deployment across your infrastructure. Lock down users\u2019 ability to tamper with their systems, via Group Policy settings or your operating system\u2019s equivalent.<\/p>\n<p>4\/ Cover everything<\/p>\n<p>Patching your modern servers and desktops is only the start. There are other systems to patch, including mobile devices, embedded systems and legacy systems. Each of these may have to be dealt with in a separate way.<\/p>\n<p>Application and operating system versioning for mobile users may need to be managed with an enterprise mobile management server, for example, while embedded and legacy equipment may need manual management, or at best a series of custom scripts. This may incur a productivity overhead, which also makes them prime targets for attackers looking for an overlooked way into a network.<\/p>\n<p>5\/ Formalize the process<\/p>\n<p>Once IT administrators have brought their software patching up to speed, they can use the same formalized processes to move forward with a consistent and regular patching process that is part of a broader change management strategy. Checking regularly for vulnerabilities and patches to fix them should be a standard process for any competent IT or information security team. Vendors often tend to try and make this easier for companies by rolling up patches into bundles, often released at regular intervals. The earlier that you apply these patches \u2013 and protect your users \u2013 the better.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A strong patch management process can help you prevent intruders getting into your infrastructure.<\/p>\n","protected":false},"author":24,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-5471","post","type-post","status-publish","format-standard","hentry","topic-msp-business"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Five steps to an easier patch management process - N-able<\/title>\n<meta name=\"description\" content=\"A strong patch management process can help you prevent intruders getting into your infrastructure.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process\" \/>\n<meta property=\"og:locale\" content=\"de_DE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Five steps to an easier patch management process - N-able\" \/>\n<meta property=\"og:description\" content=\"A strong patch management process can help you prevent intruders getting into your infrastructure.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2016-10-05T17:44:12+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-04-06T17:49:30+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"N-able\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"Verfasst von\" \/>\n\t<meta name=\"twitter:data1\" content=\"N-able\" \/>\n\t<meta name=\"twitter:label2\" content=\"Gesch\u00e4tzte Lesezeit\" \/>\n\t<meta name=\"twitter:data2\" content=\"4\u00a0Minuten\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process\"},\"author\":{\"name\":\"N-able\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b\"},\"headline\":\"Five steps to an easier patch management process\",\"datePublished\":\"2016-10-05T18:44:12+01:00\",\"dateModified\":\"2021-04-06T17:49:30+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process\"},\"wordCount\":808,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/de#organization\"},\"articleSection\":[\"MSP Business\"],\"inLanguage\":\"de\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process\",\"url\":\"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process\",\"name\":\"Five steps to an easier patch management process - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/de#website\"},\"datePublished\":\"2016-10-05T18:44:12+01:00\",\"dateModified\":\"2021-04-06T17:49:30+00:00\",\"description\":\"A strong patch management process can help you prevent intruders getting into your infrastructure.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process#breadcrumb\"},\"inLanguage\":\"de\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"MSP Business\",\"item\":\"https:\/\/www.n-able.com\/de\/blog\/category\/msp-business\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Five steps to an easier patch management process\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/de#website\",\"url\":\"https:\/\/www.n-able.com\/de\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/de#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/de?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"de\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/de#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/de\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b\",\"name\":\"N-able\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g\",\"caption\":\"N-able\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Five steps to an easier patch management process - N-able","description":"A strong patch management process can help you prevent intruders getting into your infrastructure.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process","og_locale":"de_DE","og_type":"article","og_title":"Five steps to an easier patch management process - N-able","og_description":"A strong patch management process can help you prevent intruders getting into your infrastructure.","og_url":"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2016-10-05T17:44:12+00:00","article_modified_time":"2021-04-06T17:49:30+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg","type":"image\/jpeg"}],"author":"N-able","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"Verfasst von":"N-able","Gesch\u00e4tzte Lesezeit":"4\u00a0Minuten"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process"},"author":{"name":"N-able","@id":"https:\/\/www.n-able.com\/de#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b"},"headline":"Five steps to an easier patch management process","datePublished":"2016-10-05T18:44:12+01:00","dateModified":"2021-04-06T17:49:30+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process"},"wordCount":808,"publisher":{"@id":"https:\/\/www.n-able.com\/de#organization"},"articleSection":["MSP Business"],"inLanguage":"de"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process","url":"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process","name":"Five steps to an easier patch management process - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/de#website"},"datePublished":"2016-10-05T18:44:12+01:00","dateModified":"2021-04-06T17:49:30+00:00","description":"A strong patch management process can help you prevent intruders getting into your infrastructure.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process#breadcrumb"},"inLanguage":"de","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/de\/blog\/five-steps-easier-patch-management-process#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"MSP Business","item":"https:\/\/www.n-able.com\/de\/blog\/category\/msp-business"},{"@type":"ListItem","position":2,"name":"Five steps to an easier patch management process"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/de#website","url":"https:\/\/www.n-able.com\/de","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/de#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/de?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"de"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/de#organization","name":"N-able","url":"https:\/\/www.n-able.com\/de","logo":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/de#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b","name":"N-able","image":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g","caption":"N-able"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts\/5471","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/users\/24"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/comments?post=5471"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts\/5471\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/media?parent=5471"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}