What Is Update Management and Why Do You Need It
Update Management is Essential for Your Company’s Cybersecurity and Productivity. Find Out How It Can Help You and How You Can Implement It!
Update management represents another term for patch management. Why is it important for any company? The numbers speak for themselves: up to 60% of data breaches are caused by poor patch management, around 30% of breach victims were aware they were vulnerable before the incidents, almost 50% of 3000 businesses surveyed reported they dealt with a data breach in the last few years.
It’s clear that this data is alarming. Let us discuss patch/update management and see exactly why it is an essential part of any good cybersecurity strategy.
Update Management – Definition
We said that update management is another term for patch management. But what is a patch?
As my colleague Bianca wrote in one of her articles,
Simply put, a patch is a piece of software code that improves an installed program – you can literally think about it as a “bandage” applied to software. Every time a security flaw is discovered or the program’s functionality needs to be improved, software developers create a patch to address these aspects. The need to completely redesign the program is therefore out of the question.
Consequently, patch or update management represents the
process that involves the acquisition, review, and deployment of patches on an organization’s systems. This practice helps IT staff keep up with newly released patches and make sure the updates are correctly deployed, check their status after deployment, and log the procedure.
Update Management – Risks
You might still think that patch or update management isn’t really a priority for your company. If that is the case, let me just mention some of the risks you face if you don’t give patch management enough attention:
The famous WannaCry, which affected more than 300,000 companies, and NotPetya got into the systems of the victims by exploiting a Microsoft vulnerability called EternalBlue, which my colleague Bianca describes as follows:
EternalBlue is the vulnerability exploit name for the Service Message Block (SMB) protocol (CVE-2017-0144) implementation in Windows. The weakness originated from a bug that made it possible for a remote attacker to execute arbitrary code on a targeted machine and transmit specially designed data packets.
EternalBlue was created by the United States National Security Agency (NSA) as part of a questionable initiative of stockpiling and weaponizing software vulnerabilities rather than reporting them to the relevant provider, according to denouncing comments made by Microsoft.
Eternal Romance, another vulnerability developed by the NSA, was exploited by the Bad Rabbit ransomware actors. Bad Rabbit mainly affected users in Russia and other countries of Eastern Europe.
Malware / Ransomware are not the only risks that companies who do not pay enough attention to update management face. There is also the danger of data breaches, and the examples are countless.
A vulnerability in Apache Struts exploited by the Cerber ransomware actors cost the US company Equifax $700 millions because the data of over 145 million people got exposed.
The insurance company Nationwide Mutual Insurance paid $5.5 million for a breach that leaked the data of 1.27 million people. The breach happened because of a web application vulnerability – for which a patch was available three years before the incident.
To sum it up, the general consequences of poor patch or update management are:
- money loss
- time loss
- reputation damage
Update Management – Advantages
This is, clearly, the most important benefit of patch or update management. Since we’ve seen what consequences a data breach or another kind of security incident can have, you cannot leave this cybersecurity aspect to chance.
Computer crashes represent, of course, a fair cause of low productivity levels. Patches minimize the possibility of crashes and downtime, so your employees would be able to handle their tasks without interruptions.
As we have seen in the cases of Equifax and Nationwide Mutual Insurance, data breaches are expensive. I believe you can agree that it’s best to comply with the national/international standards and use your money for the benefit of the company, not for paying fines.
Patches fix bugs, but they also include new features and functionalities, bringing innovation. Installing them will only make your work better.
Update Management – Types
There are various types of patches:
Hotfix – patches designed to fix a specific issue, developed and released as soon as possible. Hotfix patches are not always publicly disclosed.
Point release – point releases are small updates that are designed to fix software flaws, without adding extra features.
Maintenance release – maintenance releases are patches designed to fix multiple important issues.
Security patches – patches designed to correct vulnerabilities by preventing exploitation.
Service or feature patches – these terms refer to major collections of updates, fixes and feature additions that are delivered in a single installable package.
Unofficial patches – unofficial patches are patches created by third-parties, without the support of the original software developers. They may appear even when the software product has reached its end-of-life.
Monkey patches – monkey patches are a kind of unofficial patches that extend or modify the behaviour of a plugin or software product without modifying its source code.
Update Management – Possible Difficulties
You’ve probably understood so far why patching is important and what are the consequences of not doing it. However, you might encounter some difficulties in the process:
- If done manually, patching is a repetitive task that takes time and money – because you’ll need people to do it. Because of this, there is always the risk of human error.
- You would need to know exactly what patches are or will be available, so accuracy might be difficult to maintain.
- Even patches can break sometimes and the challenges here are to foresee it and to keep track of all the changes.
Luckily, there are a few things you can do to make sure that you implement an update management process that has a greater number of advantages rather than difficulties.
Update Management – Best Practices
Automate the process
As my colleague Bianca wrote in one of her articles,
[…] automation is key when it comes to patch management. By using patch management software and removing the manual patching processes from your IT teams’ activity, your personnel will not waste any more time. Furthermore, an automatic patch management solution can improve the quality of their work even more, as it will search for missing updates on a regular basis and check those already in operation. It will eliminate the effort and burden associated with conducting such activities on their own and open up resources that can be utilized for projects of greater importance.
Make an asset inventory
Asset inventories allow you to keep track of the hardware and software that your company uses, which will bring you better visibility into your environment.
Choose the right update management software
A good patch management software should have an intuitive dashboard, provide regular updates and integrate with other applications. Our Heimdal™ Patch & Asset Management solution, for example, can be used on its own or can be found in our top EPDR software, and guarantees you’ll have a detailed software asset inventory, inventory reports, deployment of Windows, 3rd party and custom software to your endpoints anywhere in the world.
It will update or downgrade software and operating systems from a unified dashboard and allow you to schedule updates at your convenience or push them immediately with zero user interruption.
Document the process
It’s important to have an overview of the patching process to see if a specific patch is missing, but also for compliance reasons.
Update Management – Wrapping Up
Update management is essential for the cybersecurity of any company, while defining a good patch management policy can save significant time and money.
However you choose to proceed, please remember that Heimdal™ Security always has your back and that our team is here to help you protect your home and your company and to create a cybersecurity culture to the benefit of anyone who wants to learn more about it.
Drop a line below if you have any comments, questions or suggestions regarding the topic of update management – we are all ears and can’t wait to hear your opinion!