This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.
We’re in an era in which pre-packaged exploit services make it possible for the average Joe, with no technological experience or prowess, to launch intricate attacks on our environments. So, what can be done? Patching operating systems and applications is a surefire way to block some attacks. But you need to do more than blast out auto updates.
Here are seven patch management best practices that take your organization’s cybersecurity to the next level:
#1 Use a proper discovery service
You can’t secure what you don’t know about. The only way to know if a breach or vulnerability exists is to employ broad discovery capabilities. A proper discovery service entails a combination of active and passive discovery features and the ability to identify physical, virtual and on and off premise systems that access your network. Developing this current inventory of production systems, including everything from IP addresses, OS types and versions and physical locations, helps keep your patch management efforts up to date, and it’s important to inventory your network on a regular basis. If one computer in the environment misses a patch, it can threaten the stability of them all, even curbing normal functionality.
Source: NW Security 1