Are You Patching Fast Enough?

Micro Focus Expert

With all that's been going on in the world lately, it's been challenging (at best) to stay on top of the patching and compliance management tasks that are crucial to enterprise security. Make no mistake about it: while everyone is simply trying to navigate their way through these challenging times, there are plenty of nefarious individuals out there looking to take advantage of all the chaos for their own personal gain. For instance, have you heard of the latest Microsoft Windows vulnerability called Zerologon? No? Well, it's a scary one! Basically, anyone with access to your network can obtain the password to your domain controller! So the question becomes: are you patching fast enough to keep your organization protected against new threats?

While this should be a seemingly easy question to answer, oftentimes the answer depends on the structure of your IT department, your role within the IT organization, and the tools that you use in order to secure your datacenter. Let's take a look at each of these and see how they can affect your ability to quickly identify and respond to new security threats.

Structure

First off, believe it or not, the way that your IT organization is structured may result in slower response times when identifying and remediating security risks based on missing patches. For instance, most corporations have separate security and operations teams that work independently of each other. While this may seem logical, research has shown that having separate teams slows key processes including threat detection, identification, response time, and remediation time.

[Image: Micro Focus OpsSec Research Report, page 10]

Think about this for a minute and you'll see it makes some sense. In a fairly typical organization, the security team would generally be the first team to learn about the vulnerability. Since this vulnerability is a missing patch, they would create a service ticket and pass it along to the operations team. The operations team then has to figure out which servers/resources are affected by this missing patch, then go through the process of contacting the resource owners and coming up with a plan and a maintenance window to install the patch. This whole process can be long and drawn out, leaving your datacenter exposed and at risk.

Role

Now let's compound this problem a little bit. The research that I referenced above also shows that, depending on your role within the IT department, you may have a very different viewpoint on how quickly you or your team are responding to new threats.

[Image: Micro Focus OpsSec Research Report, page 19]

As you can see, 54% of executives felt that their operations team was proactive and did not wait for direction from the security team to fix security issues; however, only 40% of front-line operations workers felt the same way. Similarly, 84% of executives felt that their operations team was actively running scans for security vulnerabilities, while only 64% of front-line operations workers felt the same. So what does all this mean? Well, there is obviously a disconnect between what executives think is being done and what is actually being done. So now you potentially have a second issue, miscommunication, that is slowing down your ability to respond quickly to security threats. Executives feel that their teams are proactive and prepared for these threats, but that may not be what's really going on!

Tools

The third aspect that I mentioned earlier centers around the toolset(s) that you use to secure your datacenter. More and more organizations are requiring that their teams produce a risk state report for executives. This makes a lot of sense, as organizations want to eliminate the miscommunication aspect that I mentioned above and ensure that their datacenter is properly protected. However, producing a risk state report is often a time-consuming task! Given that it generally takes so long to produce such a report, the report is almost useless as soon as it's finished.

[Image: Micro Focus OpsSec Research Report, page 16]

The Bottom Line

As we've seen here, there can be a multitude of issues that can affect your ability to respond quickly to new security threats. The key to responding to threats quickly is to streamline processes, improve communication, and constantly monitor your datacenter for vulnerabilities. Sounds impossible, right? Well, lucky for you, Data Center Automation (DCA) can help you tackle all three of these issues!

With DCA, you can enable your operations team to be more proactive in identifying and remediating security issues, eliminating the need for them to wait for direction from the security team first. DCA's risk and compliance dashboards help keep everyone in the loop: executives can quickly view the risk state of the datacenter, and the operations team can quickly identify, prioritize, and remediate security issues.

Lastly, DCA's dashboards, along with its new reporting features based on the ITOM Reporting Service, reduce the time it takes to produce a risk state report to show to executives. With all of these features and more, DCA helps you patch faster and smarter, helping keep you safe from vulnerabilities such as Zerologon.

Find out more about how DCA can help you by visiting our partner portal pages.
