According to data from the FBI and Carnegie Mellon University, more than 90% of all security breaches involve a software vulnerability caused by a missing patch that the IT department already knows about. Even the SQL Slammer worm, which caused IT managers across the globe plenty of headaches, could have been avoided if a patch that was available six months earlier had been applied.
Research company Gartner mirrors this finding reporting that 90% of security breaches occur because hackers take advantage of improperly patched systems.
"We are seeing the new age virus threats using vulnerabilities in operating systems and software to infect systems. Viruses are a real threat in companies, costing them money and loss of productivity. A good anti-virus solution is a combination of anti-virus software and up-to-date patched environment," says AfricaSD`s Patchlink Business Development Manager Renette Joubert.
"Sasser exploits a Microsoft Vulnerability MS04-011 (LSASS), infecting all systems that are not patched. So, once again, here is a virus spreading through vulnerabilities in operating systems, making a patch management policy a must in the prevention for viruses."
There are a few considerations to take into account when a customer looks to implement an effective patch management solution:
1) It should have the ability to identify what patches are required on which machines.
2) It should be able to automatically download all relevant patches for your customers` environments.
3) It should allow your customers maximum control and management.
4) It must be able to deploy the relevant patches quickly without taking up much bandwidth.
5) It must have detailed reporting abilities to keep your customers in control.
6) It should be multiple platform and multiple vendor compatible.
"Organisations can`t just focus on MS Windows and operating systems! Realising this can save companies a lot of pain," says Joubert. "Similarly, applications can and do provide hackers and the like with vulnerabilities to exploit. It`s not just an operating system problem. Using a multiple platform and multiple vendor patch management solution is the only way to achieve optimum patch vulnerability security."
AfricaSD distributes the number one rated patch management solution available today, Patchlink Update.
Patchlink Update was recently named as a winner by one of the IT industry`s leading enterprise IT magazines in eWeek`s Fourth Annual Excellence Awards programme, in the networking and management tools category.
"This is significant as the awards honour the most innovative and relevant enterprise hardware, software and services announced in 2003 and available by the end of the first quarter of 2004. Patchlink has consistently been rated as the leader in patch management by industry experts over the last few years," says Joubert.
According to the 2003 State of information Security survey conducted by PricewaterhouseCoopers and CIO Magazine, global organisations are planning to take a more strategic approach to threat and vulnerability management in 2004.
To find out more about PatchLink Update, please go to www.africasd.com.
Share
Editorial contacts