One of the most important aspects of any IT administrator’s position these days is the ability to accurately patch their respective networks to avoid the potential for risk. That said, many organizations today perform regularly scheduled patch updates…however, not without difficulty!
A majority of the world’s IT professionals today leverage Microsoft’s Windows Server Update Services (WSUS) patching technology. While it does a fairly decent job with Microsoft applications, it falls short in its ability to address the ever-expanding challenges with patching non-Microsoft applications.
The challenge is that many IT administrators, especially in small and medium-size businesses (SMBs), have so much on their plate that it’s hard to just to research potential solutions to this issue, not forgetting to mention the ever-present budget challenges. Today many companies are running at unnecessary risk, not because they want to, but because they don’t have the time, tools or resources to address this growing problem. (See the ongoing discussion in the Spiceworks community: http://community.spiceworks.com/topic/144478-is-just-patching-microsoft-products-enough)
I equate this situation to a game of “hot potato,” where the need to address non-Microsoft patch related risks is generally understood, but is difficult to prove because of the absence of the proper tools.
For those of you reading this that fall into this categorization, I have an idea for you. Here’s where the game of hot potato comes in. There are tools readily available today that will give you (with VERY little effort) a quick assessment of your current patch state – for FREE. To start our game, you’ll need to run a quick patch assessment of your environment. We have a great website that can help you with this. Go to https://labs.shavlik.com/securityadvisor/ to start your network scan. Once you have the results (the hot potato), send the results to your supervisor with the appropriate commentary. If you do find your network at risk, strongly suggest to your supervisor that he or she needs to invest in something to address the existing risk, and if not…you can’t be held accountable. You’ve now just passed the hot potato. Congratulations!
This approach is very powerful because you’re able to provide demonstrative evidence of the problem you only suspected you have, and leverage the power of this information into some form of action. Good luck!