Patch Now, Not Later

Summary
Never before have there been so many potential costly threats to your business information. Protect your business by staying up-to-date with patches for all your software programs.

Introduction
According to the CERT Coordination Center at Carnegie Mellon, 99 percent of all reported security intrusions "result through exploitation of known vulnerabilities or configuration errors." That's why patching should be on your first line of defense against security threats. However, before you automate the patching function available on your software, make sure you are up to speed on the "whats, hows, and whys" of patching.

'A fix'
A patch is a small piece of code that remedies specific problems in a file or application. The patch update is applied as a replacement, complement, or a fix to existing programming. The availability of patches removes the need to download and re-install the entire file or application.
Patch updates only modify the portion of the program code necessary to correct or enhance functionality. These corrections and enhancements range from fixing bugs, to replacing graphics, to improving the usability or performance of a previous version of software. Sometimes software vendors release patches to eliminate functionality or to prevent users from performing a certain activity. This article addresses patching for security purposes.

The Need to Patch
Hackers often target home computers in an effort to steal personal information, such as social security and credit card numbers. So you can imagine the sort of information hackers can steal if they breached your small business network. Here are some issues to consider:

Web application risks - Web applications allow users to share, create, or modify content through a Web browser. While convenient and efficient, they are prone to vulnerabilities. Web application vulnerabilities are worrisome as they can expose information publicly over the Internet. They may allow access to confidential information from databases without compromising any servers. They may also allow an attacker to circumvent traditional perimeter security measures, such as firewalls, and are particularly dangerous because they could compromise an entire network by gaining access through a single local system.

Zombies - So-called zombie computers (or bot networks) are clusters of compromised computers on which attackers have installed software, allowing them remote control. Zombies are constantly searching for new machines to infect. Unpatched vulnerabilities are the usual culprits. Symantec feels that the security threat from these attacks will only worsen, especially in financial terms. Increasingly, zombie computers are being used for financial gain. Symantec expects this trend to escalate, as the diverse means of acquiring new zombies become more prevalent.

Vulnerability window - In the last six months of 2004, according to Symantec research, the average time between vulnerability discovery and the time it took to create an exploit was 6.4 days. As demonstrated by the recent Zotob virus, the vulnerability window is shrinking. This trend is precisely why systems must be patched immediately.

The Solution
IT Solutions' SharedVision (www.itsolutions-inc.com/our_solutions/shared_vision) service automatically downloads and installs patches on a daily basis so you don't have to think about it. Patches are reviewed daily and applied at night so you and your users aren't disturbed. And since patching your workstation is our responsibility now, if something goes wrong with a patch it's our problem – not yours. Call us today to find out how SharedVision can work for your business.