Skip Links

Automated patch management for small organizations

IT Best Practices Alert By Brian Musthaler, Essential Solutions, Network World
December 10, 2010 05:05 PM ET
Sign up for this newsletter now!

The CIO-level business angle on the latest tech

According to both Gartner and CERT, more than 90% of security events result from targeted exploits to known vulnerabilities in software where patches have been made available but have not yet been applied. More and more exploits are being written for applications that hackers know are not being regularly patched by users—applications like Adobe Acrobat, iTunes, QuickTime, WinZip, RealPlayer, Firefox and more. The Firefox web browser alone represents nearly 20% of the browser market, making it an attractive target for miscreants looking to exploit any known vulnerabilities.  

To help combat the malware that is growing day by day, organizations need complete coverage over their entire environment regardless of device location and connectivity status. This includes mobile devices that are frequently off the network as well as those devices that are always attached, and virtual as well as physical assets. To accomplish this, IT organizations need a solution that:

* Supports patch management for any current and legacy Windows-based applications (those developed by Microsoft, ISVs or custom-built in-house)

* Supports both physical systems and virtual environments with the ability to analyze a virtual machine, even if it is offline

* Digs deep into the Web browser environment, which is effectively its own operating environment on the system and has its own set of applications (plug-ins, etc.) to patch

These needs are routinely managed by large organizations with system management tools from vendors such as BMC and Symantec. Smaller companies, however, often lack the resources and expertise to deploy such tools. What’s more, enterprise-class management solutions are simply overkill for the smaller company that doesn’t need all that functionality.

Now small-to-medium sized companies (SMBs) can use the same toolsets these system management vendors embed in their enterprise offerings. Software developer Shavlik Technologies provides kernels of technology to BMC and Symantec, who incorporate them into their own products. Shavlik also markets this same technology to SMBs in its Shavlik NetChk Protect platform offering. This allows any organization, regardless of size or extent of resources, to simplify its patch and antivirus management to improve its security and compliance posture.

NetChk Protect helps organizations ensure they are securing their entire Windows environment by scanning and deploying patches for Microsoft operating systems and applications (both current and legacy) and third party applications. NetChk Protect also allows custom patches to be identified, selected, and deployed for non-commercial applications or software that is developed in-house.

With NetChk Protect, organizations can automatically bring systems into conformance with corporate policies for patching, antivirus and deployed software applications by identifying systems that are not fully patched, that don’t have the latest antivirus signature, or that have unsupported software applications installed.

Linda Musthaler is a principal analyst with Essential Solutions Corporation.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News