At On Site Services we are finding that our customers with regularly scheduled general maintenance usually have less catastrophic events and have a greater chance of having errors detected earlier. Patches and updates and on servers and any internet and mail security devices / software are all a part of important regular general maintenance.
We highly recommend that all of our customers have a detailed plan in place for regular patches and updates to all of their servers and security devices. As such we are working with our customers to ensure that a system is in place that effectively meets individual company needs.
The following is a summary of clips from several respected IT sources including Microsoft that all speak to the need for, and importance of, regularly scheduled patch and update maintenance.
Software system security has come to depend on customer IT organizations closely monitoring patches for vulnerabilities, and on the ability of those organizations to test and deploy the patches before they can be exploited.
Most successful computer attacks exploit well- known vulnerabilities, for which patches exist. The problem is that hundreds of patches are released each month, many of which apply to OS’s and applications residing in your organization’s network.
Each month, Microsoft rolls out a security update containing a bunch of fixes for IT pros with Windows-based environments to consider, test and apply. It can be a real time drag, and Microsoft claims to feel that pain, especially for those maintaining Windows Server.
“Microsoft understands that deploying security updates can cause disruption to organizations and businesses, particularly when those updates affect server products. To help minimize disruption, Microsoft conducts extensive testing before releasing security updates to help avoid deployment or compatibility issues,”
“Microsoft recommends that customers install all applicable security updates, including bulletins with an exploitability index of 3 or a severity rating of Moderate. Exploitation techniques change over time, and newly developed techniques can make it easier for an attacker to exploit vulnerabilities that had previously been more difficult to successfully exploit. Nevertheless, Microsoft recognizes that prioritization decisions will be made within each organization and that time and resources may often be limited.
Failure to stay current and up to date on your patch management will leave companies and individuals at high risk for security breaches, virus infections, malware/spyware infections and many other unwanted IT hardships that could cost considerably more in the long run than simply making regular patches and updates by an IT professional a priority.