Security Patch Management

Patch updates are a necessity in the software world. Each day new holes and vulnerabilities are discovered in the applications we use, and they are exploited by hackers and cyber thieves on a frequent basis. Software vendors and manufacturers know this, and constantly try as best they can to improve their products. As users, we must keep up our end of security patch management and install the patches as soon as they are released to the public. If you are the software or network administrator within your enterprise, having a proper scheme in place before patches become available eases the update process.
A policy or compliance requirement should exist in the form of a risk management document detailing the various information assets within the organization. This way, critical parts of the business are always cared for in a timely manner, and no area is missed because it was never discovered or because no one knew it required a security patch. Your company may also have certain procedures in place to ensure security updates are performed in a correct manner.
A follow-up step is to determine exactly which hardware, software, network and other communication assets fall under your purview, and how they connect with the rest of the infrastructure. A list of tangible assets gives you a concise view of each and every workstation, software application, network service, or other related protocol in use, and of which ones have been retired. This way, it becomes clearer which assets require a higher version or a new patch as new vulnerabilities are discovered. Web sites dedicated to new and past threats constantly update their security broadcasts as malware enters the wild, and they are especially valuable when they alert you to threats previously unknown. Keep up with these sites and constantly remain aware.
Give the needed patch requirements a rank in terms of priority. By ordering your items with the highest need first, you handle security in a way that keeps overall productivity flowing: the most crucial vulnerabilities are eliminated first, and you then work your way down to the less vital security holes.
Always remember to document your actions, as documentation makes future updates much easier and is important to keeping productivity on line. You may discover areas that were missed before and are in need of greater security. For instance, everyone should have a firewall in place. Is the software as strong and up to date as it can be? Are there any new or past holes in the firewall that could be exploited? How about remote or partner connections to your network? Are they as secure as they can be, or do they pose a weak link in your security foundation? Virtual private networks assist in securing business-to-business transactions. Your incoming and outgoing access control lists and ports should be protected on both ends, from your standpoint and the side of external access into your infrastructure.
Your intrusion logs are important, and should not be overlooked. Their continued function is critical in the event an intrusion attempt makes its way into your network, and they also show how frequently your infrastructure has been attacked. You should be able to understand the logs and the information they keep. Do you have the ability to create new rules if necessary in order to keep your prevention system up to date in blocking new threats from hackers, other hosts or networks? Have any new exploits appeared in need of repair? Does your intrusion prevention system provide alerts the same moment the attacks appear?
Viruses appear without warning, as many of them are created and let loose every single day. Therefore, your antivirus solutions need their databases of virus signatures updated as soon as possible. It is a good idea to support your antivirus software with features including blocking of ports, processes and firewalls built into the antivirus protection. Every little bit helps.
Not every port on a workstation or network is necessary for daily functions. Any port or service that is not needed should be disabled before it becomes an opening for intrusion. If known, these ports and services should be disabled before an asset is dispersed to the work force or installed within your network. There will always remain some services and ports that are part of your list of exceptions, necessary to keep productivity moving. These ports and services should have limited and controlled access.
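One way to check a host against its list of exceptions, shown as an added example that is not part of the original article: it parses socket listings in the format printed by `ss -tuln` and reports services that are not approved, plus approved services listening on an address outside their permitted scope. The sample listing and the exception list are constructed for illustration.

```python
# Added example: audit listening sockets against an approved exception list.
# SAMPLE_SS is constructed output in the format of `ss -tuln`; the entries in
# ALLOWED are hypothetical.

SAMPLE_SS = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:68         0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      100    127.0.0.1:25       0.0.0.0:*
tcp   LISTEN 0      5      0.0.0.0:23         0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:5432       0.0.0.0:*
tcp   LISTEN 0      128    [::]:22            [::]:*
"""

# (protocol, port) -> addresses the service may bind to; "*" means any address.
ALLOWED = {
    ("tcp", 22): {"*"},
    ("tcp", 25): {"127.0.0.1"},
    ("tcp", 5432): {"10.0.0.5"},
    ("udp", 68): {"*"},
}

def parse_listeners(text):
    """Return (proto, address, port) for each socket line, skipping the header."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] == "Netid":
            continue
        address, _, port = fields[4].rpartition(":")
        if port.isdigit():
            listeners.append((fields[0], address.strip("[]"), int(port)))
    return listeners

def audit(listeners, allowed):
    """Split findings into services to disable and exceptions bound too widely."""
    disable, too_wide = [], []
    for proto, address, port in listeners:
        scope = allowed.get((proto, port))
        if scope is None:
            disable.append((proto, address, port))
        elif "*" not in scope and address not in scope:
            too_wide.append((proto, address, port))
    return disable, too_wide

if __name__ == "__main__":
    disable, too_wide = audit(parse_listeners(SAMPLE_SS), ALLOWED)
    print("not on the exception list:", disable)
    print("approved but bound outside its scope:", too_wide)
```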
Everyone wants certain permissions at their particular workstation. A good security scheme limits how many users are provided administration rights and privileges. Even when working on a local station, remember to log back out and return to the user’s permissions. Once a user notices the administrator left the station with higher rights initiated, the user will take advantage of the situation.
Good security dictates a risk assessment statement or documentation covering the various threats and vulnerable opportunities that can control your hardware and software assets. Annotating how each threat can diminish your security and affect the organization brings awareness to those who may have missed the situation. The document can even specify the likelihood the threat can or will attack, how it will impact the organization, and rank the threat according to the influence it will have if it does manage to work its way into your systems.
Once your entire assessment has been concluded, always bring management into the conversation, alerting them to your discoveries. This way, everyone understands the ramifications of lost productivity, business revenue, and downtime while bringing disaster recovery into the mix.
Patch management and installations are usually performed after business hours. Everyone realizes the infrastructure will be unavailable during this time, especially remote users and external parties that access the network resources. Data centers should have a separate test environment in case the patch does not integrate with the system. Rolling back to the previous version is much easier if compatibility testing is performed in this manner. If a patch has not been applied for quite some time, or is a major upgrade, the testing will alleviate headaches down the line. Your test environments should mirror your development and live structures already in place. Once you are satisfied the patches will successfully integrate into the system, you are free to apply them to the live environment. Follow the priority structure you established earlier, and reboot systems after each patch. Waiting until the end does not tell you which particular patch caused a problem, and makes troubleshooting a longer and harder process.
CISSP training courses that bring understanding in the area of information security are a huge advantage to organizations in need of a stronger security methodology. Network security, environmental security, organizational security, telecommunications, access control, application development security, risk management, and more are available from the fine courses in the K Alliance training catalog.
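The likelihood-and-impact ranking described above, combined with the asset list and patch priority order from earlier in the article, as an added example that is not part of the original article: it matches an inventory against advisories and orders the outstanding patches. Every asset, product, version, advisory id and score is constructed, and multiplying likelihood, impact and asset criticality is an assumed scoring rule, not one the article prescribes.

```python
# Added example: build a prioritized patch queue from an asset inventory.
# All asset names, products, versions, advisory ids and scores are constructed.

INVENTORY = [  # (asset, product, installed version, business criticality 1-5)
    ("web-01", "httpd", "2.4.1", 5),
    ("hr-ws-07", "pdfreader", "11.0", 2),
    ("db-01", "dbserver", "9.6.3", 5),
    ("lab-03", "httpd", "2.4.9", 1),
]

ADVISORIES = [  # (id, product, first fixed version, likelihood 1-5, impact 1-5)
    ("ADV-EXAMPLE-1", "httpd", "2.4.10", 4, 5),
    ("ADV-EXAMPLE-2", "pdfreader", "11.2", 5, 3),
    ("ADV-EXAMPLE-3", "dbserver", "9.6.2", 3, 5),
]

def version_key(version):
    """Compare dotted versions numerically, so 2.4.9 sorts before 2.4.10."""
    return tuple(int(part) for part in version.split("."))

def patch_queue(inventory, advisories):
    """Return (score, asset, advisory id) for every unpatched asset, highest first."""
    queue = []
    for asset, product, installed, criticality in inventory:
        for adv_id, adv_product, fixed, likelihood, impact in advisories:
            if product != adv_product:
                continue
            if version_key(installed) >= version_key(fixed):
                continue  # already at or past the fixed version
            # Assumed scoring rule: likelihood x impact x asset criticality.
            queue.append((likelihood * impact * criticality, asset, adv_id))
    # Highest score first; ties broken by asset name for a stable order.
    return sorted(queue, key=lambda item: (-item[0], item[1]))

if __name__ == "__main__":
    for score, asset, adv_id in patch_queue(INVENTORY, ADVISORIES):
        print(f"{score:>4}  {asset:<10} {adv_id}")
```

A plain string comparison would treat 2.4.9 as newer than 2.4.10 and silently drop lab-03 from the queue, which is why the versions are compared as tuples of integers.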