Q

Approach patch management from a policy perspective

I am in charge of developing a patch management policy for our organization (about 450 users). Before I begin creating a patching framework specific to my environment, are there any specific factors I should take into consideration?
It's great that you are approaching the issue of patch management from a policy perspective first -- this is definitely one of the keys to success. For an organization of your size, I would not make the policy overly complicated. At a minimum, ensure the following issues are accounted for in your policy:
  • Proactively monitoring security issues and patch releases from key vendors

  • Prioritizing and scheduling patches in your environment

  • Testing patches in your environment before widespread rollout

  • Tracking changes and updates to your environment (change management)

  • Regularly auditing the environment to ensure compliance with general patch management guidelines

For further detail on these issues, see my white paper published on the patchmanagement.org site.

Other resources that should assist you with designing your policy include:

This was first published in March 2005
This Content Component encountered an error

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close