5 Secrets to Achieving and Sustaining Resilience

There is one thing you must do – and keep doing – to start down the path toward true enterprise resilience: Patch everything. All the time. Starting now.

To make your enterprise truly resilient you need a firm, reliable foundation of security. The successful laying of that foundation begins with patching. Why is this step so critical to effective security and enterprise resilience? Here are a few reasons:

According to the Verizon 2015 Data Breach Investigation Report, “Many existing vulnerabilities remain open, primarily because security patches that have long been available were never implemented. In fact, many of the vulnerabilities are traced to 2007—a gap of almost eight years.”

Gartner analyst Anton Chuvakin addressed this grave security concern in one of his blog posts.

“Although patching has been ‘a solved problem’ for many years, even decades, a lot of organizations struggle with it today—and struggle mightily,” he observed. “In the darkest woods of IT, patching third party applications on a desktop remains a significant challenge for many organizations.”

By the way, the National Vulnerability Database managed by the National Institute of Standards and Technology (NIST) states that some 86 percent of reported vulnerabilities come from third-party applications. So even the most robust patching of operating systems is inadequate to assure that your environment is secure enough to be truly resilient.

Do whatever it takes to ensure that all of your enterprise’s critical applications, operating systems, servers, and user devices are patched and updated consistently and in a timely fashion. Then begin the following actions:

  1. Plan – To make and keep your enterprise as resilient as possible, you and your team must develop and implement a comprehensive, business-centric plan for achieving and sustaining the resilience levels your business demands. Whether described as “high availability,” DR/BC, or otherwise, the goals of your plan should be the same—maximum resilience. And that plan requires a well-thought-out planning lifecycle, which in turn depends upon a formal, detailed policy for DR/BC.
  2. Analyze – Your plan should also be based on a business impact analysis (BIA) that maps out all critical processes, systems, and services, their owners, and their interdependencies. You and your team should then establish formal recovery time objectives (RTOs) and recovery point objectives (RPOs) for all critical business functions and supporting services. In addition, all of your service level agreements (SLAs) should be closely aligned with these objectives.
  3. Engage – To be as successful as possible, your plan must also include specific guidance for keeping the constituents IT supports engaged and informed about efforts to maximize resilience, security, availability, and recoverability. Such marketing and sales efforts may be unfamiliar territory for many in IT. However, they can be essential in gaining support from and eliminating objection or obstruction by those constituents.
  4. Update – Finally, a comprehensive plan must also include specific recovery and continuity plans and procedures. It must also include processes for testing these regularly and for regular review of all relevant policies, plans, processes, and procedures.

No enterprise can be fully agile or trustworthy if that enterprise is not sufficiently resilient. In fact, insufficient resilience can kill an enterprise in the face of a major disruption or disaster.

Begin by patching everything, all the time, starting now. Then, assess whatever current DR/BC resources and efforts are in place at your enterprise. Evaluate and triage these, then build upon them to reach and maintain the levels of resilience you, your constituents, and your enterprise want, need and deserve.


Surviving the Storm With Agility and Resilience

“The oak fought the wind and was broken, the willow bent when it must and survived.” – Robert Jordan, The Fires of Heaven

Many businesses are suffering the same fate as the oak mentioned in Robert Jordan’s quote. It’s Jordan’s willow that is standing the test of time thanks to its agility and resilience.

Business resilience

As is true with business agility, business resilience is a much broader and deeper consideration than many typical discussions of the subject suggest.

Discussions surrounding resiliency tend to focus on disaster recovery and business continuity (DR/BC) tactics and tools. However, true business resilience is more than disaster recovery and even more than business continuity.

True enterprise resilience is a strategic focus on maintaining operational integrity and restoring it as quickly and completely as possible after any disruption—planned or unplanned, minor or catastrophic.

ISACA

ISACA (formerly the Information Systems Audit and Control Association) is a membership organization that provides certifications, information, and guidance focused on auditing controls for computer systems.

Volume 3 of the 2009 ISACA Journal features an article by information security expert John P. Pironti called “Key Considerations for Business Resiliency.” That article provides both a comprehensive definition and a significant caveat for those pursuing business resilience (or resiliency).

“Business resiliency is the maturation and amalgamation of the individual processes of crisis management, incident response, business continuance and disaster recovery into one succinct set of processes and capabilities that work collectively, instead of independently.

“This combination allows organizations to have minimal disruption in the event of a business-impacting incident that affects the entire organization, instead of focusing on incidents that involve specific information infrastructure areas.

“When evaluating these capabilities, it is important to understand that they are only as effective as the proactive planning and considerations that go into their development. Too often, planning accounts for only the most obvious considerations and does not incorporate crucial and essential considerations that have a greater effect on the business.”

Resilience defines the bottom line

As the ISACA quote above states, resilience includes multiple other elements beyond DR/BC. Despite the inclusion of BC in the description and intent of most DR/BC plans, these tend to focus on DR and IT.

True resilience, however, focuses more on the needs of and effects upon the business.

The goal of true resilience is to enable the business to avoid threats, disasters, and disruptions, and to recover rapidly and seamlessly from those that cannot be avoided.

A specific focus area for resilience plans and strategies is the availability of essential IT and business services. Small-seeming differences can mean a lot.

For example, the difference between 99 percent availability and 99.9 percent availability is the difference between 1.68 hours and just more than 10 minutes of downtime every week. Most IT service level agreements (SLAs) focus on availability levels of 99.99 percent, or “four nines,” and 99.999 percent, or “five nines.”

These differences merely hint at the range of options available to those seeking to balance availability with cost, since higher availability almost always requires higher investment in infrastructure. IT decision makers are often significantly challenged by the need to associate costs with availability levels in ways meaningful to their business colleagues.

This challenge is a primary driver behind the growth of enhanced reporting and “chargeback” and “showback” features in IT infrastructure and service management offerings.

However, these can only improve the presentation of relevant information. They do nothing to make the underlying infrastructures and the services they enable more available, resilient, or robust. Such features can and should be included in resilience strategies and solutions, but they cannot and should not stand alone.


The One Thing Leading Businesses All Have in Common

Agility is more than simple, reactive adaptability. It’s even more than what’s usually covered by the discipline known as “change management.” (An aside: to succeed with change management, it is often necessary to… change management.)

So, what exactly is agility?

In August 2014, The Center for Effective Organizations (CEO) at the University of Southern California (USC) published its first book, The Agility Factor: Building Adaptable Organizations for Superior Performance. The Center has conducted its Organization Agility Research Program for more than a decade and studied more than 230 companies as part of the research that led to the book.

The authors found that “consistently high performers possess a capability to change their resources and processes repeatedly.” Such enterprises also “have the strategies, structures, resources, processes, and routines that allow them to both sense and adapt to environmental threats and opportunities as well as intentionally execute on strategic initiatives.”

This comparatively broad and proactive view of agility requires an equally agile IT infrastructure—and to be truly, reliably agile, that infrastructure must be secure.

Agility’s bottom-line benefits

Security obviously matters to those focused on agility, but why should those who focus on security care about agility?

In 2006, organizational effectiveness experts Edward Lawler and Christopher Worley wrote the book Built to Change: How to Achieve Sustained Organizational Effectiveness. According to Lawler and Worley, between 1973 and 1983, 35 percent of the top 20 Fortune 1000 companies were new to that list. That percentage of new top-20 companies grew to 45 percent between 1983 and 1993, and to 60 percent between 1993 and 2003.

Many, if not most, of the companies displaced by newcomers to the Fortune 1000 top-20 list not only fell to lower positions but ceased to exist entirely. Why? Because they were not sufficiently agile. So agility can be seen as a type of job security for security teams and their colleagues across the enterprise.

Agility also has more direct and positive effects on an enterprise’s bottom line, as a separate USC CEO study revealed. For that research, the Center evaluated the financial performance of more than 240 large firms across 17 industries and 30 years. “In every industry we studied, there were two or three ‘outperformers’: companies that achieved above average industry…performance more than 80 percent of the time.

“When we compared our survey and interview data with the performance data, we observed a strong relationship between a company’s basic approach to management and its long-term profitability patterns. When markets and technologies changed rapidly and unpredictably—as they did in every industry over these 30 years—the outperformers had the capability to anticipate and respond to events, solve problems, and implement change better than thrashers. They successfully adapted. They were agile.”


User-Centered Security Is a Fine A.R.T.


While every enterprise is different, there are three fundamental characteristics common to all successful modern enterprises. The successful modern enterprise is:

  • Agile – able to navigate nimbly all types of internal and external change, expected and unexpected.
  • Resilient – able to avoid threats, disasters, and disruptions and to recover rapidly and seamlessly from those that cannot be avoided.
  • Trustworthy – able to credibly demonstrate and document operational transparency in ways that create and justify high levels of trust among all stakeholders.

It turns out there is also a single prerequisite for all three of the characteristics that make an enterprise “ART-ful.” That prerequisite is security. Specifically, user-centered security.

User-centered security is a focus on what users use to do their jobs—applications, information, devices, and network connections. Protect those things, and you can protect users from being victims of malware and other threats. Just as important, you can also protect users from being conduits into the enterprise for malware and other threats, all while keeping critical enterprise resources safe.

How to Achieve User-Centered Security

User-centered security is not only desirable, it’s achievable. The Australian Signals Directorate (analogous to the National Security Agency (NSA) in the United States) estimates that up to 85 percent of targeted attacks on IT environments are preventable by taking four simple steps:

  • Application whitelisting
  • Timely application patching
  • Timely operating system patching
  • Restricting administrative privileges to users who really need them

Unfortunately, such protections are like smarter eating and exercise habits. Most of us know what would be best for us to do, but we don’t always do it.

Take patching, for example. In an April 2015 alert, the US Computer Emergency Readiness Team (US-CERT) identified the Top 30 Targeted High Risk Vulnerabilities. The newest dates from 2014, the oldest from 2006. That means there are patches designed to remediate all 30 vulnerabilities, but many enterprises have not yet installed those patches, for whatever reasons.

Agility, resilience, and trustworthiness are the pillars supporting the successful modern enterprise. User-centered security, beginning with timely, effective patching, is the foundation that supports those pillars and enables the enterprise to implement the practices, processes, and services that make agility, resilience, and trustworthiness possible.

To build that foundation, your enterprise must first automate, integrate, and optimize management of its IT security efforts, starting with patching. As these efforts make IT security more consistent and user-centered, that security can be expanded across all of the IT-empowered services that enable the business. Security and its effective management make up the bedrock that complements the foundation.

Of course, none of these strengths can be achieved or sustained by processes or technologies alone. As with almost everything else a successful enterprise does, effective security and ART-fulness are achieved and sustained by people. Specifically, you and your people in concert with colleagues from across your enterprise. Evolution into a secure and ART-ful enterprise requires leaders, evangelists, champions, and supporters to implement and manage the user-centered security policies, processes, technologies, and services that make ART—agility, resilience, and trustworthiness— possible.


A Three-Pronged Approach to Thwarting Healthcare Data Breaches

Aging software, shared access, and the growing popularity of mobile devices have made the healthcare industry an easy target for hackers.

According to Healthcare Informatics, data breaches at health institutions represented 21 percent of global cyberattacks in the first half of 2015, exposing the personal information of millions of customers. Hackers are selling that data for hundreds of thousands of dollars.

To enhance security significantly, healthcare organizations can and should harness two strategies. One is comprehensive operating system and software application patching. The other is securing access to personal health information, personally identifiable information, and other business-critical information, for fixed-location and mobile users, devices, and applications. Both are relatively simple to implement and unlikely to generate user resistance.

Patch Management

Most breaches start with malware infection and most malware infections exploit vulnerabilities in unpatched software. Comprehensive patching of operating systems and software applications is, therefore, essential for maximum security and for compliance with relevant laws, regulations, and business requirements. This is especially important in environments that include old and shared systems running many different types and versions of operating systems and software.

Many organizations have spent years perfecting their server operating system and Microsoft software patching strategy, using essential tools such as Microsoft System Center Configuration Manager (SCCM). However, hackers seeking softer targets now focus their efforts on vulnerabilities in common, less-widely protected, third-party applications and browser add-ins, such as Adobe Acrobat Reader and Flash Player, Google Chrome, Mozilla Firefox, and Oracle Java.

According to the Center for Strategic and International Studies, 75 percent of attacks use publicly known vulnerabilities in commercial software. The 2016 Verizon Data Breach Investigations Report says that the top 10 vulnerabilities are responsible for 85 percent of all successful breaches and that eight of those are 13 or more years old. Attacks aimed at these and other vulnerabilities can be easily and consistently thwarted by regular patching.

Tools such as Microsoft SCCM excel at automated operating system patching. However, their abilities to patch third-party applications are insufficient.

Secure Information Access

Healthcare organizations looking to support mobile device use among doctors and other healthcare staff should start with a strategy that focuses on comprehensive, consistent protection of information. To be of maximum effectiveness and value, such a strategy must provide protection from threats whether users’ devices are “at rest” or “in motion.”

By far, the most widely used application is email. An effective data protection strategy must therefore be equally effective at guarding against malware hidden in email attachments and in other file types, whether those are being accessed by users of mobile or fixed-location devices. That strategy must also provide effective protection against threats from rogue applications.

The Shavlik Solution

Shavlik offers three essential tools for implementing a comprehensive software patching and information protection strategy:

  1. Shavlik Patch for Microsoft System Center integrates tightly with Microsoft SCCM to extend its patch vulnerability detection and deployment to third-party applications. Using SCCM’s own patch delivery mechanism, Shavlik Patch monitors and patches hundreds of popular, third-party applications, including those of Adobe, Apple, Google, Java, and Firefox. The intuitive Shavlik Patch SCCM console plug-in eliminates the manual steps required to define and load patch information into SCCM.
  2. For organizations that aren’t using SCCM or that lack an existing tool for server patching, Shavlik Protect is an effective, easy-to-use solution for automating the patching of everything from data center servers to client workstations and virtual environments.
  3. Advanced Endpoint Protection from BUFFERZONE, a Shavlik partner, provides effective, transparent protection of authorized applications and critical information from a wide variety of threats. This solution uses virtual containers to isolate entire application environments, including memory, files, registries, and network access. Malware, whether known or new, is restricted to the boundaries of the virtual container, never actually reaching the user’s system or the rest of the network. The BUFFERZONE solution can even defeat infections by ransomware or removable storage devices. Its protections provide a strong complement to Shavlik’s patch management offerings.

Where hackers are concerned, the worldwide healthcare industry is a prime target, but healthcare organizations can take steps today to ensure that they are protected. A security strategy that encompasses automated, comprehensive application and operating system security patching and secure information and application access can be implemented quickly and cost-effectively. Such a strategy can provide comprehensive protection from both known and emerging threats and attacks.


The Black Market for Medical Records and What It’s Costing Hospitals

Cybercriminals have discovered how profitable it is to steal and sell personal healthcare information. Now hospitals and medical centers are warding off more cyber-attacks as hackers look to pad their bank accounts.

89% suffered data breaches between 2014-2016

Between 2014 and 2016, 89 percent of healthcare organizations experienced some kind of data breach, according to a study conducted by the Ponemon Institute. The study found 45 percent of those organizations were hit five or more times in that same time period.

A majority of breaches, 68 percent to be exact, can be traced back to lost or stolen devices with access to sensitive data, according to a Forbes article on the recent trend in attacks on the healthcare industry.

112 million records compromised, selling for $10 to $500 per record

In the first half of 2015, the healthcare industry suffered more than 20 percent of global data breaches in which 84.4 million records were compromised. By the end of that same year, 112 million records had been accessed in a total of 253 breaches, according to Forbes.

So what’s the payout? On the black market of stolen data, sensitive patient information is worth anywhere from $10 to $500 per record, compared to credit card numbers which only sell for about a dollar.

While hackers make money, these attacks are proving to be costly for medical providers. In December of 2014, Anchorage Community Mental Health Services agreed to pay a $150,000 fine for violating HIPAA laws as a result of a data breach.

Hackers are also using stolen information to make fraudulent Medicare claims and pocket the cash. The feds lose roughly $60 billion to Medicare fraud annually.

99.9% of exploited vulnerabilities were compromised more than a year after a patch

With aging software running the equipment used by techs, nurses, and doctors, plus the growing popularity of accessing critical medical data on mobile devices, the time is now for health providers to reinforce their IT defenses.

Don’t let the hackers win!

Shavlik solutions offer superior protection for data centers, endpoints, and mobile devices. A security strategy that encompasses automated, comprehensive application and operating system security patching and secure information and application access can be implemented quickly and cost-effectively. Such a strategy can provide comprehensive protection from both known and emerging threats and attacks.


Why the Healthcare Industry Is an Easy Score for Hackers

Worldwide, healthcare represents an industry that is worth several trillion dollars—and it is anything but secure. Several billions of dollars are lost each year to healthcare fraud, much of which involves compromised medical records.

In September 2015, Healthcare Informatics reported that in the first half of that year alone, the healthcare industry suffered 187 breaches, 21 percent of the 888 breaches reported worldwide. Those healthcare breaches resulted in 84.4 million compromised records or 34 percent of the worldwide total.

As reported in May 2016 by eSecurity Planet, the Ponemon Institute’s Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data found that 89 percent of healthcare organizations were breached in the past two years. That same study found that 45 percent of those organizations had been breached five or more times in the same two-year period, the report added.

Healthcare as a target

Clearly, the worldwide healthcare industry is being increasingly targeted by the worldwide hacking industry. There are two main reasons for this: financial gain and opportunity.

  • Financial gain

Hackers have searched out other opportunities. The black-market value of a credit card number has fallen to about $1 per record, as financial organizations have become better at securing their databases, thwarting threats, and remediating successful breaches.

Meanwhile, personally identifiable information (PII), such as Social Security or National Insurance numbers, is now worth 10 to 20 times that much, according to published reports. However, some hackers apparently offer “volume discounts.”

A June 2016 eSecurity Planet report said that a hacker was offering to sell 700,000 stolen records, including Social Security numbers and other PII for $655,000. This may have been a “loss leader,” however.

When personal health information (PHI) is added to the equation the value is even higher. Hackers or their sponsors can pose as doctors and use that PHI to file very profitable fraudulent insurance claims or order and resell controlled substances and medical equipment. Even without specific medical information, criminals can use PII to apply for loans. When combined with other information and counterfeit documents, PHI records can sell for as high as $500 each, according to a December 2014 Forrester Research report.

  • Opportunity

When one type of target becomes hardened, hackers tend to refocus their efforts on less secure types.

For example, after financial and retail organizations became better at securing centralized databases, hackers found ways to breach less-secure retail point-of-sale (POS) systems. Healthcare systems are ripe for this “soft target” approach and have been for some time now.

According to a warning issued in April 2014 by the FBI and obtained by Reuters, “The healthcare industry is not as resilient to cyber intrusions compared to the financial and retail sectors. Therefore, the possibility of increased cyber intrusions is likely.” Current reality proves the prescience of that warning, and provides several reasons for its accuracy:

From a cybersecurity perspective, healthcare IT environments are chaotic. PCs are shared by multiple doctors and nurses. Aging medical equipment relies on software that rarely — or never — gets updated, and on outdated, unpatched, and sometimes even unsupported operating systems. In many cases the software provider may no longer even exist, making security updates difficult or impossible.

Doctors and other healthcare providers increasingly insist on using smartphones and tablets to exchange email with colleagues and patients and to view medical images and information at the bedside, at home, and on the road. The number and variety of mobile devices, operating systems, and system versions needing support create an unwieldy management and security quandary for healthcare providers and their IT and security teams.

This growing demand for mobile access to healthcare-related data has led to an escalation of data theft from lost or stolen devices. Some industry watchers estimate that lost and stolen devices account for as many as half of all healthcare cybersecurity breaches.

Solutions for managing and securing mobile devices and information can be unwieldy and generate resistance. Many solutions force users to switch back and forth awkwardly between managed corporate and unmanaged personal applications on the same device.

Other solutions require users to accept having their device usage monitored and managed when they are at home and at work. Many users consider such scrutiny an invasion of their privacy. Unfortunately, such disruptions and perceived intrusions cause some users to find ways to “work around” tools and measures intended to keep those users and the information they access secure.

Thus, many healthcare organizations allow medical staff and employees to connect their mobile devices to corporate networks, with little to no confidence in the security of those devices or their connections to critical corporate or private patient information.

Stay protected with Shavlik Protect + Empower and download your FREE copy of our whitepaper below.


Patch Tuesday Forecast September 2016

We are only a few days away from September Patch Tuesday, and just for a bit of nostalgia I dug up this old image: a circa-2010 “Minimize the Impact of Patch Tuesday” banner.


So, here are a few things to watch out for to help minimize the impact of Patch Tuesday, a quick tip to help you tune your process, and our forecast on what we think you should expect this month.

On the Horizon

Based on the sheer volume of questions I’ve had about this, I’m going to go out on a limb and say that the servicing changes Microsoft plans to implement in October are a hot topic right now. Microsoft’s announcement to move all pre-Windows 10 OSs to the same bundled update model has stirred up concerns from its customers. I will start off with the same recommendation I have given everyone so far: keep breathing. But also know the facts. Microsoft will have a security bundle that will release each month that includes updates for IE and the OS. There will be a cumulative bundle option as well that will include non-security fixes and feature changes. The security bundle will be the way to go for most organizations.

The fallout from this event will be a more pronounced need for application compatibility testing. If you recall January’s Patch Tuesday, the Windows 10 cumulative update caused Citrix’s VDA Client to break. This is exactly the type of scenario companies I’ve spoken to are concerned about. Fortunately, Citrix worked with Microsoft and moved quickly to resolve the VDA incompatibility that the cumulative update caused. Microsoft updated its release to detect if VDA was installed, and if it was, then the cumulative update was not installed. This process left their customers exposed to many vulnerabilities in the January release, but Citrix turned a fix around in short order and together they reduced the risk to their common customers to only a week of not being able to push the January updates.

But this was two software giants working together; the issues will be more pronounced with less common products or vertical-specific products, such as healthcare devices or manufacturing systems that run on Windows systems. Home-grown applications and applications developed by vendors who are no longer in business may be less of a concern on Windows 10, but on older systems they are much more common. Which brings us to our tip of the month!

Patch Management Tip of the Month

Application compatibility is the biggest hurdle to effectively remediating software vulnerabilities. Most companies we talk to have an exception list of updates that conflicted with business-critical applications. This has been a rising concern for companies as they evaluate Windows 10, and now will become a concern for their existing systems come October. The looming inability to pick and choose which updates to apply to their systems has many companies concerned. The reality is we will have less of a choice in the matter going forward, so what do we do?

Pilot Groups

One tip that I always stress when advising our customers is to have an involved pilot group. Many companies have a small set of test systems for the most critical of assets, but this falls short of truly ensuring you catch application compatibility issues quickly. What you need is to ensure you have a selection of power users in your pilot group to help you flush out issues quickly. These power users will be able to provide you better feedback, and they’re technically savvy enough to help you work through issues as you discover them.

Hitting a few power users who will keep their heads and work with IT to resolve issues quickly helps reduce impact to the greater workforce. Someone from IT may be able to verify login works and some basic interfaces load, but the power users will get into the product and find the less obvious things, like an update breaking print features or the submission of a job or form. Most business managers quickly agree to this arrangement when you put it to them as a partnership where you will work with one or two of their best to keep the majority impact-free.

Your Patch Week Forecast

August was our lightest Microsoft Patch Tuesday this year, tied with January at 9 Microsoft bulletins total; the average this year has been closer to 13 bulletins each month. I expect this month will be closer to the average, if not a little above. Starting in October, this average will appear to drop significantly as the bulletins will become bundles instead, reducing the average number of Microsoft updates to around four or five each month. At that point, watching the number of vulnerabilities resolved will be a more accurate indicator of how significant the month’s updates were.

On the non-Microsoft front, I would expect an Adobe Flash update, as we have not seen a Flash Player update since July, which is near an eternity in Flash Player terms. Also, be aware that Adobe has updated the message on the distribution download page about the looming end of open distribution of Flash. The end of September is the new cutoff, after which you will need to have an Adobe ID and log in to Adobe’s site to gain access to Flash updates if you need to distribute them internally. We will see if this is really the one.

Google Chrome just released this Wednesday, so plan to include that and some other recent third parties like Wireshark in your patching schedule this month.

And as always, watch for our Patch Tuesday update and infographic next Tuesday and catch deeper Patch Tuesday analysis on our monthly Patch Tuesday webinar next Wednesday. Sign-ups and info can be found on our Patch Tuesday page.

Do you know your Patch Management Posture?

How well do you know the security posture of your environment? Do you know how effective your Patch Management process is? Can you provide stakeholders with a quick look at the state of your network and show how protected you are in real time?

In today’s world with so many devices connected to a network and with the BYOD option becoming more and more of a norm, it is now more important than ever to have visibility into security risks for an organization.

Visibility into your security posture is the key to providing the knowledge necessary to take action on security measures that you can control. So how do you get visibility into your current security posture and what are valuable insights?

What are valuable insights?

  • When were devices last patched?
  • What are the outstanding patches missing from a device?
  • How many and what are the severity levels of the patches needed?
  • What devices are non-compliant and, of those, which ones pose the greatest security risk to the organization?
  • How quickly are patches deployed to devices after each patch is released?
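The questions above can be answered from any per-device patch inventory. The following is an added example, not part of the original post and not Xtraction or Shavlik Protect code; the record layout, device names, patch IDs, dates and severity weights are all constructed assumptions.

```python
from collections import defaultdict
from datetime import date

# Constructed sample data: (device, patch, severity, released, installed-or-None).
# Device names and patch IDs are placeholders, not real bulletins.
RECORDS = [
    ("ws-01", "PATCH-A", "critical", date(2016, 8, 9), date(2016, 8, 12)),
    ("ws-01", "PATCH-B", "important", date(2016, 8, 9), date(2016, 8, 19)),
    ("ws-02", "PATCH-A", "critical", date(2016, 8, 9), None),
    ("ws-02", "PATCH-B", "important", date(2016, 8, 9), date(2016, 8, 30)),
    ("srv-01", "PATCH-A", "critical", date(2016, 8, 9), None),
    ("srv-01", "PATCH-B", "important", date(2016, 8, 9), None),
    ("srv-01", "PATCH-C", "moderate", date(2016, 7, 12), date(2016, 7, 14)),
]
WEIGHT = {"critical": 10, "important": 5, "moderate": 2, "low": 1}  # assumed weights

def posture(records, today):
    """Per-device view: last patch date, missing patches, severity counts, risk."""
    devices = defaultdict(lambda: {"last_patched": None, "missing": [],
                                   "by_severity": defaultdict(int), "risk": 0})
    for device, patch, severity, released, installed in records:
        d = devices[device]
        if installed is None:
            d["missing"].append(patch)
            d["by_severity"][severity] += 1
            # Risk grows with severity and with days the patch has been available.
            d["risk"] += WEIGHT[severity] * (today - released).days
        elif d["last_patched"] is None or installed > d["last_patched"]:
            d["last_patched"] = installed
    return devices

def non_compliant_ranked(devices):
    """Devices with any missing patch, highest risk first."""
    return sorted((name for name, d in devices.items() if d["missing"]),
                  key=lambda name: devices[name]["risk"], reverse=True)

def mean_days_to_deploy(records):
    """Average release-to-install latency over patches that were installed."""
    lags = [(inst - rel).days for _, _, _, rel, inst in records if inst]
    return sum(lags) / len(lags)

if __name__ == "__main__":
    view = posture(RECORDS, today=date(2016, 9, 8))
    for name in non_compliant_ranked(view):
        d = view[name]
        print(name, d["last_patched"], d["missing"], dict(d["by_severity"]), d["risk"])
    print("mean days to deploy:", mean_days_to_deploy(RECORDS))
```

Weighting each missing patch by severity and by days since release ranks a server missing two month-old patches above a workstation missing one, which is the ordering a remediation queue needs.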

How do you get the visibility into your security posture that is meaningful to you? Xtraction

Xtraction allows an organization:

  • To decide what is meaningful information
  • To provide access to that information anywhere from a browser at any time
  • To report real-time results based on the current state of the production database

Xtraction for Shavlik Protect provides a number of default dashboards as part of the Report Bundle offering.

These dashboards have been designed to give visibility into the security posture of an organization and to provide the insight needed to aid in prioritizing meaningful action.

Since the release of Xtraction for Shavlik Protect Reporting Bundle, 2 additional dashboards have been created and are available on the Xtraction for Shavlik Protect landing page of the community website.

Visibility into Security Posture

Windows Convenience Update causing inconvenience for VMware and Microsoft App-V users!

A quick heads up. The Convenience Update for Windows 7 SP1 and Server 2008 R2 SP1 is causing issues with VMs running the VMware VMXNet3 virtual network adapter type.

According to a blog post by VMware and a post by Microsoft, uninstalling the update will resolve the issue. The Microsoft article goes on to talk about an issue with Microsoft App-V where virtual applications may have difficulty loading.

The recommendation in both cases is to defer pushing this update until a resolution is in place.