Patch management may not be the most exciting job, but it’s an essential part of protecting your company data from destructive and costly security breaches. This collection of tips and best practices will help you fight the ongoing battle against the escalating barrage of attacks.
From the ebook:
If there is anything to be learned from the Equifax breach, it is that a set of best practices should be implemented in IT for software maintenance and critical patches. Here are eight ways to implement effective patch management.
Use metrics to give some visibility to software updates and maintenance
In one mainframe shop, the CIO kept a running record of how many days the mainframe ran without any unscheduled downtime. The record was 30 years and running! This certainly made the CEO and the board feel pretty good-and it gave some recognition to the folks in the trenches who were responsible for keeping hardware and software maintained.
Reward for performance
If you have metrics for maintenance, you can measure performance. Your maintenance staff should not be neglected because they aren’t superstar software developers. Recognize and reward them in salary increases and promotions.
Attack software bugs aggressively
Some noncritical bugs in software can wait—but if you’re faced with a security vulnerability, they can’t wait. The work must be at the front of the line—coming before projects.
Standardize your software version release process
With the growth of mobile computing, a plethora of devices now require installation of new software versions and patches. A standard software release process should be written and enforced to ensure that all devices are updated at the same time.