Windows Server and Workstation Updates

Managing patches is an issue of critical importance to system administrators and IT managers, and Microsoft offers a number of tools to help you manage patches and simplify the task of keeping systems up-to-date. The Wi-Phye Support team is here to help with guidance that will help you to assess your environment and implement an effective software update and security patch management strategy.

Patch management is the process of controlling the deployment and maintenance of interim software releases into production environments. It helps you to maintain operational efficiency and effectiveness, overcome security vulnerabilities, and maintain the stability of your production environment.

If your organization cannot determine and maintain a known level of trust within its operating systems and application software, it might have a number of security vulnerabilities, which, if exploited, could lead to a loss of revenue and intellectual property. Minimizing this threat requires you to have properly configured systems, to use the latest software, and to install the recommended software updates.

You should consider the following areas when determining the potential financial impact of poor patch management:

Downtime:
What is the cost of computer downtime in your environment? What if critical business systems are interrupted? Determine the opportunity cost of lost end-user productivity, missing transactions on critical systems, and lost business during an incident. Downtime is caused by most attacks, either by the attack itself or by the corresponding remediation required when recovering. Some attacks have left computers down for several days.

Remediation time:
What is the cost of fixing a wide-ranging problem in your environment? How much does it cost to reinstall a computer? What if you had to reinstall all your computers? Many security attacks require a complete reinstallation to be certain that back doors (permitting future exploits) were not left by the attack.

Questionable data integrity:
In the event that an attack damages data integrity, what is the cost of recovering that data from the last known good backup, or confirming data correctness with customers and partners?

Lost credibility:
What does it cost if you lose credibility with your customers? How much does it cost if you lose one or more customers?

Negative public relations:
What is the impact to your organization from negative public relations? How much could your stock price or company valuation fall if you are seen as an unreliable company with which to do business? What would be the impact of failing to protect your customer's personal information, such as credit card numbers?

Legal defenses:
What might it cost to defend your organization from others taking legal action after an attack? Organizations providing important services to others have had their patch management process (or lack of one) put on trial.

Stolen intellectual property:
What is the cost if any of your organization's intellectual property is stolen or destroyed?
Assessing and maintaining the integrity of software in a networked environment through a well-defined patch management program is the key first step toward successful information security, regardless of any restrictions to physical access to a computer.