Patching
Internet.com reports on the logic behind unpatched systems. Much of it comes down to the fact that system administrators are deluged with new patches and are fed up with high-level alerts on inessential patches. However, when a system crashes, the blame falls squarely on the shoulders of the system administrator. To resolve this, two things need to happen:
First of all, there needs to be a better overall understanding of the danger security vulnerabilities represent. When it comes down to it, it is not just the system administrator's responsibility to ensure that systems are secure. If software developers are careful in their implementations and consider the security implications of the choices they make when designing and developing software, the risk of an exploit is lowered.
Secondly, there is a need for better education in general. Most users neither know nor care about vulnerabilities. By default, most machines are not even set to auto-update. There are a number of ways this can be solved. Operating system vendors like Apple, Microsoft, and Red Hat already offer an automated way to apply patches to a machine. These tools should be turned on by default to ensure that “most” machines get patched properly. Following that, companies like Microsoft should be very careful when presenting the criticality of a patch and should review their processes to ensure that criticality is assessed properly.
These two steps will go a long way towards solving most of the problems. However, they will not go the whole distance. This is why I believe it is important for system administrators to establish a patch day, a single day every week when their sole focus is on ensuring that systems in their company are secure. Not only is it good practice to check your systems’ vulnerability often, but in these days of increased criminal activity in the online space, it is something that could save a lot of money in lost time due to viruses and hacks. Some people will probably say that to devote a full weekday (or 20 percent of one’s time) to security is ridiculous, but if you account for the lost time and productivity, it may be more worthwhile to put the time into preventative care than into disaster recovery.