One of the biggest challenges IT faces is trying to keep up with patching applications and operating systems. The stream of patches that need to be tested and applied is overwhelming. Many times, patches may not be accurate and may have to be rolled back.
The half-life of a vulnerability is defined as the "time it takes to fix a flaw on half the instances of an application". In 2009, many companies took 30 days to fix a vulnerability on half of their computers. In 2012, the number increased to 35 days. Java and Flash have terrible half-life times. Internet Explorer and Microsoft Office have improved to about 15 days.
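The half-life metric defined above, computed from patch-deployment records, as an added example that is not part of the original post. The inventory, application names and release date are constructed; instances that are still unpatched count toward the total, so the half-life stays undefined until half of them are fixed.

```python
from datetime import date
from math import ceil

# Constructed sample data: one patch release date and, per instance,
# the date the fix was applied (None = still unpatched).
RELEASED = date(2012, 3, 1)
RECORDS = [
    ("browser", "ws-01", date(2012, 3, 4)),
    ("browser", "ws-02", date(2012, 3, 16)),
    ("browser", "ws-03", date(2012, 3, 10)),
    ("browser", "ws-04", None),
    ("office",  "ws-01", date(2012, 3, 8)),
    ("office",  "ws-02", date(2012, 4, 2)),
    ("office",  "ws-03", date(2012, 3, 16)),
    ("plugin",  "ws-01", date(2012, 3, 20)),
    ("plugin",  "ws-02", None),
    ("plugin",  "ws-03", date(2012, 4, 5)),
    ("plugin",  "ws-04", None),
    ("plugin",  "ws-05", None),
]

def half_life_days(released, patched_dates):
    """Days from release until half of ALL instances are fixed.

    Returns None when fewer than half are fixed so far; leaving the
    unpatched instances out would understate the half-life.
    """
    total = len(patched_dates)
    if total == 0:
        return None
    needed = ceil(total / 2)  # instances that make up "half"
    fixed = sorted(d for d in patched_dates if d is not None)
    if len(fixed) < needed:
        return None
    return (fixed[needed - 1] - released).days

def half_life_by_app(released, records):
    """Group instance records by application and compute each half-life."""
    by_app = {}
    for app, _host, patched in records:
        by_app.setdefault(app, []).append(patched)
    return {app: half_life_days(released, dates) for app, dates in by_app.items()}

if __name__ == "__main__":
    for app, days in sorted(half_life_by_app(RELEASED, RECORDS).items()):
        print(app, "not yet reached" if days is None else f"{days} days")
```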
One answer may be a service that provides custom patches. Building a patch internally can be quite expensive. Services that provide custom patches can slow the patch cycle, but the quality and consistency of the patches can be improved. Outsourcing this service can free up your IT people for other tasks. It is still recommended that patches be staged, with testing on less critical systems first.
Those of you with experience working from the chair of the one doing the patching, do you think this is a viable option? Would this be a good idea?