Being proactive with security (Patches)

How to floss your security system | CNET

Patch management is a little like flossing your teeth. Everyone knows they’re supposed to do it, but most of us still don’t. Some pundits say the simple answer for patching lies in proactivity. Get the patch applied before an incident occurs, and keep the problem from occurring rather than fixing it after the fact. That’s a simple truth, but in practice, it’s a lot harder to pull off than it sounds. It also contradicts the way security is usually addressed.

Part of being proactive is knowing when something doesn’t need to get done and when a patch requires immediate attention. Without a view to the overall systems, this point can be blurred. For example, a production server that’s accessible on the Internet may need to be patched immediately, while an internal server behind an intranet firewall and accessible only to trusted users might be able to sustain a lag time in the patch process.

All I can say is this writer gets it. She is right on all counts. Diana Kelley, you get a gold star for the day. Knowing one’s environment and business culture is essential for securing it.


