Many organizations lack an effective patch management program, especially when it comes to patching remote systems, says Action1.
Patch management is one of the trickiest but most essential tasks you can take to protect your software, systems and other assets. Cybercriminals know that organizations often fail to properly or quickly patch known vulnerabilities, leaving this a key vector for attack. Patching security holes has become even more difficult with the advent of the remote workforce as so many endpoints are now outside the network perimeter.
A report released Monday by remote management provider Action1 looks at the challenge of remote patch management and offers tips on how to more effectively secure remote endpoints.
SEE: Zero trust security: A cheat sheet (free PDF) (TechRepublic)
For its 2021 Remote IT Management Challenges Report, Action1 surveyed 491 IT professionals around the world to learn how they patch and manage their remote and office-based endpoints. Among the respondents, most said they plan to keep at least some employees working remotely in 2022. However, they still bump into obstacles trying to secure and support their remote or hybrid workforce, particularly in the area of patching security flaws.
A full 78% of those surveyed said they ran into delays patching critical vulnerabilities at least a few times over the past year. And installing critical patches can take more than twice as long when the endpoint is remote. On average, organizations required 10 days to patch all remote devices with a critical update. In some cases, respondents said they need 90 days to accomplish this task.
Many organizations lack an effective and strong patch management process. Some 59% of the respondents said they use automated tools to roll out patches, but only for their operating systems and not for third-party products. Only 24% use automated cloud-based tools for both the OS and third-party programs. And some 14% revealed that they still manage all patches manually.
Several obstacles get in the way of effective patch management. Some 38% of the respondents said they can't get information about all updates in one place or prioritize them efficiently. Some 37% said they're saddled with too many non-integrated tools to track and deploy updates. And 27% lack the bandwidth to keep up with all the patches being issued.
Other problems cited included the complexity of the deployment process, errors and failures during deployment, employees not being connected to the corporate network during a deployment, and employees declining updates.
SEE: Password breach: Why pop culture and passwords don't mix (free PDF) (TechRepublic)
The lack of a strong patch management plan does have real-world implications. Among those surveyed, 77% of respondents said their organization was hit by at least one security incident during the past year. Out of those, almost two-thirds reported that the incident exploited a known vulnerability that had not been patched even though a patch was available.
To help your organization establish a better patch management process, especially for remote endpoints, Action1 offers the following advice:
- Automate your software patching. With many IT teams understaffed and overloaded, it's harder than ever to manually stay on top of the necessary patches. Make sure you automate your patching not just for operating systems but for third-party products. You also need to prioritize updates based on risk and streamline your patch management tools so you're not forced to juggle a host of different products.
- Make sure your IT teams have visibility into and control over remote endpoints. Before you can patch your remote endpoints, you need to know what and where they are. This especially applies to unwanted or outdated programs, which may need to be removed or replaced.
- Provide cybersecurity training for all employees. Education is vital for employees in the office and particularly working from home. Make sure users know how to spot a phishing attack and how to avoid risky behaviors such as working from a public Wi-Fi network or letting family members use their business devices. Promote a culture of cybersecurity where all employees encourage each other to practice good cyber hygiene.
- Set up an incident response plan. No matter how well you secure your network and remote endpoints, there's always a risk of a cyberattack. To ensure that you know how to react in a crisis, develop an effective incident response plan that you regularly test and rehearse.
- Working from home: How to get remote right (free PDF) (TechRepublic)
- Return to work: What the new normal will look like post-pandemic (free PDF) (TechRepublic)
- Coronavirus domain names are the latest hacker trick (TechRepublic)
- Employers are watching remote workers and they're monitoring these activities (TechRepublic)
- How to manage passwords: Best practices and security tips (free PDF) (TechRepublic)
- Managing accounts payable operations during COVID-19 policy (TechRepublic Premium)
- Security incident response policy (TechRepublic Premium)