Patching and Updates
Patching and Updates
PalisadeSECURE offer a range of Foundation services that are based around Cyber Security Operations – the heart and first line of defence for mitigating against a Cyber Security Attack.
Central to your Cyber Security Strategy is ensuring that your Operating Systems and the Applications running on them are kept up to date. Security patches are being released on an ever more frequent basis and keeping systems up to date requires robust planning and scheduling.
Good practice suggests that Operating System patching and Application patching should be carried out on a regular basis to avoid critical downtime caused by a Cyber Security Breach.
The implications of which are not only inconvenient, but bear both direct and indirect financial cost from loss of system access and potential industry fines.
Recently Talk Talk were fined a record £400,000 for security failings that led to theft of 150,000 customers’ details. The hack would have been preventable if a robust patching policy was in place.
Operating System Patching
Our team at PalisadeSECURE are experienced in deploying security patches across a number of Operating Systems including:
- Microsoft Windows – server and desktop operating systems
- Linux – including Red Hat, Centos and Debian
Operating System patching used to be fairly straight forward, particularly as Microsoft has a straight forward update release process. However, over the past few years we have seen the number of critical patches released has increased as well as break with release protocol where the risk has been deemed particularly high.
In a complex, multi-operating system server environment you have many challenges, including server ownership, stakeholder communication and end user expectations to take into consideration when approaching your strategy.
PalisadeSECURE work with you and the stakeholders to ensure that patches are delivered in a timely fashion while minimising risk and downtime to the business.
Application Patching, like Operating System patching is a critical part of the your patching policy. However, the additional risk and complexity involved means that extra need needs to be taken whilst understanding and deploying application patches. The negative impact to your business or organisation is high if your strategy is not sensitive to the extra requirements and processes that should be in place to ensure successful delivery of application patching.
This can be as simple as understanding how an application patch will behave with other applications and services running within the environment or ensuring that the communication plan includes all stakeholder, including development and support teams so they have an oversight upon potential issues that may occur.
Apart from propriety applications such as Adobe Suite, Microsoft Office and Java, PalisadeSECURE are experienced in patching bespoke or complex applications such as SWIFT, Oracle, Microsoft SQL and Exchange.
Benefits Of Outsourcing Your Operating System And Application Patching
There are many benefits to outsourcing your Operating System and Application Patching to PalisadeSECURE which includes accountability and a passion for delivering expectional service.
Operating System Upgrades
Equally as important as patching your operating systems and application is keeping your operating systems up to date. When new operating systems are released the clock starts ticking and you are obligated to upgrade before the support runs out.
Of course, this is and has always been optional but in today’s environment how optional is it? As soon as support for the operating system stops, so does the release of security patches (unless of course in very special cases such as the WannaCry outbreak).
In a complex environment, upgrading your operating systems can be a huge project with the huge budget that goes with it. From scoping to resourcing to the impact on the business, these are costs that can easily escalate.
This is where PalisadeSECURE recognise the critical importance of upgrading your operating system as part of a robust Cyber Security Strategy. The benefit of understanding this means that we can factor this into the services we provide.
PalisadeSECURE can optionally factor in Operating System Upgrades as part of our ongoing service. So rather than being on the back foot, we can help you be on the front foot and plan your operating system upgrades and provide a road map way in advance of critical support expiring.
Together with an End of Life program, ensuring software is kept up to date with the right planning, provides you with a good foundation for keeping your environment secure.
Hyper-visors such as VMWare ESX, Citrix XenServer and Microsoft’s Hyper-V have fast underpinned many fast growing infrastructure environments and provided the catalyst for cloud operating platforms right across the globe.
Central to any Cyber Security Strategy should be to understand that Hyper-visors are a critical part of the infrastructure that requires the same level of oversight as Operating System and Application patching.
PalisadeSECURE understand the complexities of virtual environments and can design and deliver a robust and effective Hyper-visor patching deployment program.
Our experienced technical staff understand the impact and complexities around Hyper-visor patching either stand-alone or as part of a broader patching policy.
The risk and impact of running BIOS updates has the potential to cause infrastructure teams much pain because of the type of change a BIOS update can have on the hardware and the way the software can react.
Ensuring an approach that matches the risk is adopted is critical to running a successful BIOS Update program.
PalisadeSECURE have the experience and expertise to ensure that the risk and impact is minimal. Running BIOS Updates as part of a robust Cyber Security Strategy is an important part of minimising the potential of a security breach.
End Of Life Management
End of Life Management forms part of a forward thinking robust Cyber Security Strategy. As soon as software is out of date, it poses a real threat to the environment it resides in. Thinking ahead and understanding your risk profile helps you plan for eventual upgrades and identify areas that can be consolidated or decommissioned.
Being close to your environment, PalisadeSECURE are able to play a pro-active or complete part in your End of Life Management Strategy.
Working with internal and external vendors PalisadeSECURE can keep a close watch of End of Life.
Additional Support Services
Depending on the level of service and type of involvement our team has within your environment, our resources can be used to provide additional support where opportunities are identified.
For example, you may require additional oversight of your anti-virus policy or help to roll out specific applications alongside your patching windows.
PalisadeSECURE recognise that from time to time we are in a position to provide additional support services where they have been identified as a benefit.