Patch Management Best Practices—A 'Well-Oiled Machine'
Looking for a clear, well-structured overview of best practices and trends in patch management? Then this Ivanti security webinar is for you.
First presented at Interchange 2018 in Dallas the week of May 13th and subsequently online, it’s one of our most popular sessions and is ready when you are.
As part of your malware protection strategy , you may also want to look more closely at specific Ivanti patch solutions: Patch for SCCM; Patch for Windows; Patch for Linux, UNIX, Mac; and Patch for Endpoint Manager.
Can the Patch Management Process Run Smoothly?
Without question, patch management is essential to reducing your attack surface and keeping your endpoints and business running smoothly. However, it’s also a process that must be repeated weekly, monthly, quarterly—and whenever critical fixes have been identified for your environment.
But there’s good news. With the right tools and some advance planning, this process can run smoothly and leave your IT team with more time to support core business goals.
IT can be a real ditch
if there’s a patching glitch.
Down in the trenches
amid all the stenches?
Consider Ivanti’s pitch.
This webinar is presented by Ivanti security product management gurus, Chris Goettl (You Gotta Getta Goettl) and Todd Schell (One Schell of a Guy)—the same experts who host our popular monthly “Patch Tuesday” webinars.
As Chris explains, Ivanti’s security strategy is based on three principles:
Discover: Easily find and quantify the assets you need secured
Provide insight: Clearly identify risk
Take action: Use best-in-breed tools to act swiftly
Here’s an outline of what Chris and Todd cover:
Webinar Q & A
One of best portions of the webinar is the Q & A session towards the end. One attendee commented via chat about why Microsoft continues to refer to Patch Tuesday as such when Microsoft has two or three releases of updates each month.
Chris Goettl replied that Microsoft still considers Patch Tuesday as the security-focused event, but they may have additional security fixes that follow the next week and a half or two weeks. “Maybe a version of a patch had to be re-released or they didn't include a certain platform update on Patch Tuesday so it came a few days later. This happens a lot,” Chris said.
He continued, “And then there are the non-security updates that happen at the end of the month as well. It’s hard to keep in a consistent maintenance window when you’ve got all these additional updates constantly coming out. One of the things we often suggest is getting to a point where you classify your assets. If it’s a server, that’s gotta go into a more consistent maintenance window once a month—once a quarter if there are extenuating circumstances, but once a month is preferable.”
And referring to end-user machines, Chris said, “It’s much more critical to try to get those into a more frequent cadence—especially getting laptop users into a weekly or twice-a-week cadence. And maybe you set up a policy that only does things like Flash Player, Office, and browsers, you know, once a week, but everything else such as the OS updates will just be once a month. So, there are different ways you could strategize and do that based on your risk tolerance.”