In today’s office environment, using Microsoft’s System Center Configuration Manager (SCCM) for patch management is simply not enough to bolster network security. Microsoft applications are not the only ones at risk. Third-party applications—such as Adobe, Apple or Google—are the cause of most current vulnerabilities. As a result, organizations are forced to dedicate additional resources to ensure comprehensive coverage.
Consider the experience of Ed Bruce, the sole member of HarborOne Credit Union’s IT department who was responsible for patching 475 PCs and 125 servers across 15 New England region offices. Knowing the risks his company faced from improperly patched client-side applications, he deployed Microsoft SCCM to handle Microsoft operating systems and applications. But he still had to address third-party applications separately, spending too much time and disrupting users in the process.
“It was probably taking me two hours to download, repackage and test each package before deploying it using Software Distribution in SCCM. Then there were an additional two hours to roll out the update,” he said. “Because it’s a stand-alone package, the whole process is separate from our monthly patch cycle, which meant another reboot and disruption.”
But then he discovered Shavlik SCUPdates™, which helped him automate the process and lessen the time it took to do third-party patches. “With SCUPdates I can deploy [Adobe Flash Player, Adobe Reader and Sun JRE] updates as Software Updates in SCCM along with all the other Microsoft patches,” he added. Because SCUPdates mergers patching third-party applications within the SCCM workflow, Bruce has to manage only a single patch process, single reboot and single status report.
Like HarborOne, many organizations have discovered that they don’t need to hire additional employees, whose only responsibility is managing third-party patches. That’s a waste of time and budget when there are automated solutions that integrate with SCCM—such as Shavlik SCUPdates—to make the process less time consuming and more effective in protecting network security.