The following excerpt is from Chapter 1 of the free eBook "Administrator shortcut guide to patch management" written by Rod Trent and available at Realtimepublishers.com. Click for the complete book excerpt series.
Additonal reasons why patching is important
The majority of vulnerabilities can be solved by patching computers, when the patches are available from the vendor. Still, even with warning after warning about potential exploits in the wild, viruses and worms continue to proliferate. Attackers continue to be successful in disrupting computing worldwide. It's arguable as to why these attacks still happen. Some blame the vendors for developing poorly written OSs and applications, while others blame the IT administrators for being complacent. Whichever side you happen to be on in the debate, there is no mistaking that security is a top issue among both sides, and that poor security not only disrupts computing but also places cost burdens on an organization.
According to the consulting firm Computer Economics, the cost of the Sasser virus to businesses worldwide is thought to be as much as $500 million. The MyDoom virus will have hit $4 billion by the end of 2004. (Although MyDoom is an old virus, it continues to spread.)
In response to the latest Sasser worm, the Gartner Group is advising its customers to budget for extra security spending on Windows desktops in the wake of all of the problems caused by the worm. Poor security results in an increase in the overall cost of owning and operating the computing environment. We will explore the costs of ineffectual or non-existent patch management throughout the rest of this guide.
How patching fits into overall security
Granted, patching computers is only part of an overall computer security strategy, but it is arguably the most important. When you build security policies in your company, part of the policy will (or should) always include a patch management process. Although there are many ways to secure the environment and protect it from known exploits, the ultimate goal is to get the computers to the most current frame of security. This goal can only be accomplished by applying the latest security patches.
You can spend a lot of time deploying firewalls -- or modifying the firewall so that open ports are closed to attack, but whenever a computer leaves the confines of the company's walls, it becomes open to attack unless it is patched against the exploit or the vulnerability is eliminated (for example, through a vendor-supplied workaround).
Security is much easier to manage when none of the company's computers leave the office desks, but employees working from home or on the road make securing the environment more complex. The reality is that more companies must support remote and mobile employees -- and learn to secure an environment that includes such employees.
Click for the next excerpt in this series: Patching resources.
Click for the book excerpt series or visit Realtimepublishers.com to obtain the complete book.
This was first published in October 2004