December 7, 2016

Is Your Patch Management Policy Effective?

Although there are many different ways hackers can try to gain access to your network and information resources (including social engineering and use of lost or stolen passwords), the exploitation of unpatched software is one of the most common vectors used and is often one of the most effective for the hacker.

To manage the software on your network and to ensure that it is up to date, an effective patch management policy is needed. Here are some points to remember when creating or reviewing your patch management policy.

  • A patch management policy needs to find the right balance between reducing your organization’s vulnerability to outside attack while ensuring that applying the patches doesn’t interrupt normal business.
  • Define a workable policy for patch testing. Patches to end user software like Adobe Flash Player or Adobe Acrobat can be installed with minimal testing. However patches to your database server need rigorous testing before being applied.
  • How competent is the patch provider? Should automatic updates be accepted without question? Maybe updates from Adobe (for Flash and Acrobat Reader), Google (for Chrome), Mozilla (for Firefox) etc should be trusted. However software companies aren’t immune to releasing bad patches. Read how Microsoft released a patch which broke VMWare’s View Client.
  • Understand the priority of patches. Vulnerabilities which are being actively exploited should be considered higher priority to those which are theoretical. If patches are released in response to an actual incident consider applying the patches as soon as possible.

GFI Software adds vulnerability scanning and security patch management to GFI MAX RemoteManagement

GFI Software, a leading IT solutions provider for small and medium-sized enterprises, today announced it has added vulnerability scanning and security patch management to GFI MAX RemoteManagement, its award-winning remote management and monitoring solution. Managed Service Providers (MSPs) and IT support companies can now deliver cost-effective patch management to boost profits and reduce security risks for their clients.

GFI MAX RemoteManagement is an IT managed services software solution that makes it easy to stay on top of customers’ servers, desktops, networks, hardware and software with its monitoring and management, inventory tracking and automated server and desktop maintenance tools. Thousands of IT support companies, VARs and MSPs use GFI MAX RemoteManagement to maximize revenues, minimize costs and deliver exceptional customer service. It can be installed and set up in 10 minutes and requires no training, hardware or contractual commitments.

“We know security vulnerabilities remain amongst the most disruptive and damaging types of problem experienced in real-world networks, causing lost time and potentially security breaches to customers. This in turn can soak up large amounts of time remediating the problems and cleaning up the systems. The variety and number of threats continue to increase and it is impractical to manage them without effective tools to automate the process,” said Alistair Forbes, General Manager, GFI MAX.

“To overcome this problem, GFI MAX RemoteManagement now includes the award-winning technology of GFI LANguard™, to provide best-in-class vulnerability scanning and patch management capabilities via GFI MAX RemoteManagement™. This provides an effective and efficient solution not only for Microsoft Windows and Office applications, but also non-Microsoft applications such as Adobe Reader, Adobe Flash Player, Adobe Acrobat, Adobe Shockwave, Mozilla Firefox, Mozilla Thunderbird, Java, Opera and Quicktime.” he added.

With vulnerability and patch management for servers and workstations managed easily through GFI MAX RemoteManagement’s intuitive dashboard, MSPs and IT support companies can deliver a high value service to reduce their customers’ risk of downtime and identify and rectify security holes in their networks by scheduling the installation of security patches. The patch overview report provides a clear and complete summary of how GFI MAX RemoteManagement has helped to ensure these machines are up-to-date and secure.

Patch management in GFI MAX RemoteManagement is priced competitively in relation to standalone products and customers pay only for the devices with patch management enabled. Moreover, for customers already making extensive use of the existing product features, there’s no extra charge to use patch management on servers as it is included in the low capped monthly server price.

More information on GFI MAX RemoteManagement and patch management capabilities can be found here: http://www.gfi.com/it-managed-services-software/features/patch-management.

About GFI MAX RemoteManagement
GFI MAX RemoteManagement delivers an easy, affordable solution for IT support providers, Value Added Resellers (VARs) and Managed Service Providers (MSPs) who are looking to take better care of their clients at less cost. GFI MAX RemoteManagement (RMM) solution includes server, network and workstation monitoring and management, asset tracking, client reporting and remote access.

Source:[gfi.com]