0330 043 0826 | [email protected]
InfoSec Governance Logo

Patch management

Patch management

When it comes to technology, patch management plays a big part no matter where you are, whether you are working for a business or have a person computer, all devices should be kept up to date. Whether it’s a laptop, desktop computer, mobile phone or even a smart device. By ensuring that your devices are kept up to date you are ensuring that you have the latest updates and features for your product.

But it doesn’t just stop there, by implementing proper patch management you are ensuring that your devices are being kept updated and protected from known security vulnerabilities that could impact your device and in the worst case lose your personal information.

What is patch management?

So what is patch management? Maybe you’ve never heard of this term, or you are new to computers.  Patch management is a term whereby you are ensuring that all your electronic devices are being kept up to date regularly and depending upon the complexity and size of the environment, have it managed via tools or have the software configured to update automatically.

Most Operating Systems and devices are now built to automatically update devices, which is beneficial to everyone as it makes updating much easier. However larger businesses may want to manage what is updated and when. This is where management of patching comes in, maybe using Remote Management Tooling (RMM) or some other method.

Best practices

So now that we know a little about what patch management is, what are the best practices for applying updates and managing your patch deployments.

  1. Asset management

Assessment management is a core piece of the ability to update devices and implement your patch management solution. If you don’t know what you have, how do you know what to patch? Make sure you understand what devices you have, what Operating Systems they have, are they still supported and so forth.

  1. Automation

If you are a business, using automation should be implement were possible, whether this is through simply configuring all devices to use auto updates, or using tooling.  By using automation, you are cutting out human error and ensuring that everything is being updated at the same time.

The benefits of automation are:

  • Scan for missing updates
  • Being able to schedule when updates are applied
  • Notification of missing updates or when critical updates are applied
  • Generate reports and ensuring devices are kept up to date
  1. Apply updates to everything

When we talk about updates, usually people think about Operating Systems, but there’s more to it, ensure that your third-party applications are updated, such as Microsoft Office, Adobe Reader, Zoom. If you have smart devices, and mobile phones, ensure that these are also updated regularly.

  1. Routine patching

Making sure that you apply updates regularly in a routine.  Most companies will provide updates on a regular basis, check to see when these are and apply as soon as possible. NCSC and Cyber Essentials require that you update all high and critical security updates within 14 days of release.

  1. Ensure you have defined policies

Although applying updates to all devices, shouldn’t cause an issue, there is always that chance, you should ensure that you have documented processes in place to say what can and can’t be done and who to contact, should anything go wrong.

  1. Change management

Change management should be in place, so that you know what updates you are applying, what it’s going to affect and what the risk may be, if any. If something goes wrong, can you roll back and recover?