An effective patch management program is a company’s first line of defense against crippling software vulnerabilities and vicious network attacks.
Peregrine Systems advocates a proactive, holistic approach that integrates a patch management program with an organization’s asset and service management initiatives.
According to the CERT Coordination Center, vulnerability discoveries increased by approximately 400 percent between 2000 and 2003. As a result, today’s IT managers must keep pace with the plethora of software patches, and minimize exposure to security breaches between the time a vulnerability is discovered and when they can test and implement the patch safely within their IT infrastructure.
To mitigate the risk of an IT crisis, many organizations are deploying patch management capabilities as part of their service management solutions. Effective patch management requires an integration of best-of-breed products and best practices, such as:
– IT service management: Identifying and responding appropriately to reported incidents can significantly reduce the scope and impact of any exposure. Using Peregrine’s Service Solutions, organizations can determine if there is an increase in incidents reported to the service desk about a group of servers running a certain version of an operating system, and then take the appropriate actions.
– Configuration management and asset management: Automated discovery tools, such as Peregrine Network Discovery and Peregrine Desktop Inventory, can be used to discover IT asset data and feed it into a common configuration management database (CMDB), which can be accessed via the organization’s asset and service management software. The CMBD allows IT managers to create real-time reports that show an immediate and accurate view of the IT infrastructure, including all affected hardware when there is a security breach. With this information, IT managers can initiate rapid containment and patch deployment through an emergency change request.
– Change management: Deploying software patches to an organization’s operational infrastructure constitutes a significant change activity. To ensure that the request adheres to the defined standards for changes or emergency changes, businesses can use Peregrine ServiceCenter(R) Change Management software, which helps automate workflows for each change request.
– Release management: When deploying software patches across the entire IT infrastructure, IT managers should feed patch management activities back into the DSL (Definitive Software Library — the subset of ITIL configuration data that applies to software assets).
– Software license management: Before a patch is deployed, organizations should have processes in place to verify that their right to apply the patch is covered under current maintenance agreements.
– Service level management: Inadequate patch management can have a serious impact on the levels of IT service promised to business users. This issue is particularly significant for outsourcers and service providers, where such failures can lead to significant penalties.
By adopting comprehensive discovery tools, integrating them with asset and service management software (including change, service level and software license capabilities) and then implementing mature best practice processes, such as those from Peregrine, today’s global enterprises can improve the effectiveness of patch management initiatives while evolving their IT infrastructure to keep pace with the constant changes in dynamic IT environments.
ITManagementNews keeps you necessarily informed on the latest technolgies and trends including Production, implementation and support of mission critical systems and applications.
