Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Admins battle 'patch fatigue' – fixing security flaws should not be this hard

John E Dunn | March 14, 2016
Patching has always been work but how much is too much?

Admins suffering 'patch fatigue: Lesson 7 - patch management v vulnerability management

A subtle distinction can be drawn between patch management (the application of a software patch across an enterprise) and vulnerability management (which also checks for any steps that must be applied after the patch has been applied). According to Tripwire, only 43 percent were able to spot this distinction, which also effects products that are no longer supported but which might still contain vulnerabilities. Patch management won't notice this.

"A lot of people assume that they are overlapping tools that do the same job. There is a big difference between resolving a vulnerability and applying a patch," says Reguly.

In a perfect world, machines would patch themselves but for now that looks a way off. In only ten years patching has gone from the act of a conscientious employee to an everyday occurrence built into the job roles of admins across the globe. The next stage is to make it easier to do - and understand.

 

Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.