Wednesday 19 August 2009

Why are not all patches applied?

One of the reasons for security breaches is that security patches have not been applied. The message from the vendor often seems to be: yes, we screwed up, but now there is a patch so it is not our problem anymore. They seem to expect everybody to jump on any new patch and install it in an instant... this does not seem to be the case. Are people stupid or lazy (or both?)? I do not think so; I think it is a question of time and resources. Any given company or organisation runs several applications and pieces of hardware at the same time. Just knowing that there is a new patch out there can sometimes be a problem. Another problem is finding out whether the patch will have any implications for the rest of the infrastructure.
This is especially true when it comes to the network and security infrastructure, where many point products interact with each other (many times in strange ways...). As always there is no simple solution, but over the years I have recommended a short list of things to do...
1. Make sure that you use UTM products instead of point products... that is an easy one.
2. Limit people's access to applications (when things go wrong the problem is isolated).
3. Make a list of the most dangerous applications and systems you have and grade them.
4. Check how different point products interact with each other.
5. Make a due diligence plan... and do due diligence often...
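Points 3 and 4 can be turned into something mechanical. The example below is added here and is not from the original post: it grades a small, constructed inventory by exposure and business criticality, turns the grade into a patch deadline, ranks outstanding patches by grade times vendor severity, and lists which neighbouring products to test after each patch is applied. All asset names, patch ids, dates and the grading scale are invented assumptions for illustration.

```python
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class Asset:
    name: str
    exposure: int          # 1 = internal only, 2 = reachable via VPN/partner, 3 = internet-facing
    criticality: int       # 1 = nice to have, 2 = important, 3 = business critical
    interacts_with: tuple = ()  # other products this one depends on or talks to (point 4)


@dataclass(frozen=True)
class Patch:
    asset: str             # name of the Asset the patch applies to
    patch_id: str
    released: date
    severity: int          # 1 = low, 2 = medium, 3 = high (vendor rating)


def grade(asset: Asset) -> int:
    """Danger grade 1..9: how exposed the system is times how much it matters (point 3)."""
    return asset.exposure * asset.criticality


def patch_deadline_days(g: int) -> int:
    """Allowed days between patch release and installation; shrinks as the grade grows.
    Assumed policy: grade 1 gets 30 days, grade 9 gets 3 days, never less than 3."""
    return max(3, 30 // g)


def prioritize(assets, patches, today: date):
    """Rank outstanding patches and say which neighbours to regression-test afterwards."""
    by_name = {a.name: a for a in assets}
    rows = []
    for p in patches:
        a = by_name[p.asset]
        g = grade(a)
        age = (today - p.released).days
        # Neighbours in either direction of the interaction graph, excluding the asset itself.
        neighbours = sorted(
            n for n, other in by_name.items()
            if n != a.name and (n in a.interacts_with or a.name in other.interacts_with)
        )
        rows.append({
            "asset": a.name,
            "patch": p.patch_id,
            "grade": g,
            "score": g * p.severity,
            "age_days": age,
            "overdue": age > patch_deadline_days(g),
            "also_test": neighbours,
        })
    # Highest score first; among equal scores, the older patch first.
    rows.sort(key=lambda r: (r["score"], r["age_days"]), reverse=True)
    return rows


# Constructed sample inventory and patch backlog (not real products or advisories).
SAMPLE_ASSETS = [
    Asset("edge-firewall", exposure=3, criticality=3, interacts_with=("ids-sensor", "vpn-gateway")),
    Asset("vpn-gateway", exposure=3, criticality=2, interacts_with=("ad-domain",)),
    Asset("ids-sensor", exposure=1, criticality=2),
    Asset("hr-portal", exposure=1, criticality=3, interacts_with=("ad-domain",)),
    Asset("ad-domain", exposure=1, criticality=3),
]
SAMPLE_PATCHES = [
    Patch("edge-firewall", "FW-2009-08", date(2009, 8, 10), severity=3),
    Patch("hr-portal", "HR-2009-07", date(2009, 7, 1), severity=2),
    Patch("ids-sensor", "IDS-2009-08", date(2009, 8, 17), severity=1),
]


def sample_report(today: date = date(2009, 8, 19)):
    return prioritize(SAMPLE_ASSETS, SAMPLE_PATCHES, today)


if __name__ == "__main__":
    for r in sample_report():
        flag = "OVERDUE" if r["overdue"] else "ok"
        print(f'{r["score"]:>3} {r["asset"]:<14} {r["patch"]:<12} age={r["age_days"]:>3}d '
              f'{flag:<8} test also: {", ".join(r["also_test"]) or "-"}')
```

The output is the list the post asks for: the internet-facing, business-critical firewall patch comes out on top and is already past its three-day window, the low-grade sensor patch can wait, and each row names the products that interact with the patched one so the regression test after patching is not left to memory.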

With this you have hopefully created some time... use it to patch.
