Secure Your Business PATCH MANAGEMENT STRATEGY

A risk-based approach is key
Implement Patch Management

Some sources of risk
Sources of risk where patch management could be an important building block to reduce them:
• OS vulnerabilities
• Complex viruses/worms
• Exploits
• Spam
• Spyware
Blended threats such as Nimda, Goner, SQL Slammer and Code Red have become increasingly common.
Perimeter defences such as firewalls are not enough to ward off these increasingly sophisticated threats.

Patch management: 4 steps
• Based on Microsoft Operations Framework (MOF)
• 4 phases defined:
  • ASSESS
  • IDENTIFY
  • EVALUATE and PLAN
  • DEPLOY

Step 1: Assess
• Know your computing environment
  • OS, Service Pack, HotFix, and Patch levels
  • Installed hardware (servers, desktops, laptops)
  • End-user experience and knowledge
  • IT staff abilities and knowledge
• Determine:
  • What you have in your production environment
  • What security threats and vulnerabilities you might face
  • Whether your organization is prepared to respond to new software updates
• Other MOF-Service Management Functions can interact

Step 1: Assess: an Ongoing Process
• Inventory/discover existing computing assets
• Assess security threats and vulnerabilities
• Determine the best source for information about new software updates
• Assess the existing software distribution infrastructure
• Assess operational effectiveness

Step 1: Assess (cont’d)
• Assess security threats and vulnerabilities
  • Apply bulletin information to inventory
• Determine the best source for information about new software updates
  • Use notification services to prepare for patch release
  • Preparation begins long before Patch Day
• Assess the existing software distribution infrastructure
  • Keep a record of past experiences/success rates
• Assess operational effectiveness
  • Are there steps that need to be improved?
  • Were there factors that led to failure/that led to success?

Step 2: Identify
• Goals:
  • Discover new software updates in a reliable way
  • Determine whether they are relevant to your production environment
  • Determine whether an update represents a normal or emergency change
• Determine the applicability of a software update to your IT infrastructure:
  • Reading security bulletins and KB articles
  • Reviewing the individual software updates

Step 2: Identify
• Decide When to Apply the Software Update
  • Low, Medium, Important, Critical?
  • Exploited in the wild?
  • Applies to the production environment?
• Testing
  • Confirm source files
  • Deployability
  • Installation options
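
The matching and triage described in Steps 1 and 2 (apply bulletin information to the inventory, then decide between a normal and an emergency change), as an added example that is not part of the original slides. Host names, update IDs and the inventory are constructed, and the rule that Critical or exploited-in-the-wild updates become emergency changes is an assumed policy, not one the deck states.

```python
# Added example: constructed data and an assumed triage policy (not from the slides).
from dataclasses import dataclass

SEVERITIES = ("Low", "Medium", "Important", "Critical")  # rating scale named on the slide

@dataclass(frozen=True)
class Host:
    name: str
    product: str          # OS plus service pack level
    installed: frozenset  # update IDs already applied
    production: bool

@dataclass(frozen=True)
class Bulletin:
    update_id: str        # placeholder IDs, not real bulletin numbers
    affected: frozenset   # product strings the update applies to
    severity: str
    exploited: bool       # exploited in the wild?

def applicable_hosts(b, inventory):
    """Production hosts running an affected product that still lack the update."""
    return sorted(h.name for h in inventory
                  if h.production and h.product in b.affected
                  and b.update_id not in h.installed)

def triage(b, inventory):
    """Return (change_type, hosts). The emergency rule is an assumed policy."""
    if b.severity not in SEVERITIES:
        raise ValueError(f"unknown severity: {b.severity!r}")
    hosts = applicable_hosts(b, inventory)
    if not hosts:
        return "not-applicable", hosts
    if b.exploited or b.severity == "Critical":
        return "emergency", hosts
    return "normal", hosts

# Constructed sample inventory and bulletins.
INVENTORY = [
    Host("web01", "Windows Server 2003 SP1", frozenset({"UPDATE-A"}), True),
    Host("db01", "Windows Server 2003 SP1", frozenset(), True),
    Host("lab07", "Windows Server 2003 SP1", frozenset(), False),
    Host("pc113", "Windows XP SP2", frozenset(), True),
]
BULLETINS = [
    Bulletin("UPDATE-A", frozenset({"Windows Server 2003 SP1"}), "Critical", False),
    Bulletin("UPDATE-B", frozenset({"Windows XP SP2"}), "Medium", True),
    Bulletin("UPDATE-C", frozenset({"Windows XP SP2"}), "Low", False),
    Bulletin("UPDATE-D", frozenset({"Windows 2000 SP4"}), "Critical", True),
]
```

A host that already has the update (web01) or sits outside production (lab07) drops out before the severity is even considered, so a Critical bulletin with no matching production host yields no change request at all.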

Step 3: Evaluate and Plan
• Goals:
  • Make a go/no-go decision to deploy the software update
  • Determine what is needed to deploy it
  • Test the software update in a production-like environment to confirm that it does not compromise business critical systems and applications
• Goals:
  • Get approval for deployment
  • Pass to deployment team

Step 3: Evaluate and Plan
• Determine the appropriate response
• Categorize software deployment

Step 3: Evaluate and Plan
• Plan the release of the software update
  • Determine what needs to be patched
  • Identify the key issues and constraints
  • Build the release plan
  • Emergency change request
• Build the release
  • SMS 2003 package creation
  • The Distribute Software Updates Wizard eliminates much of the work that would traditionally be required to deploy a software update using SMS 2003
• Conduct acceptance testing of the release …

Step 3: Evaluate and Plan:
• Conduct acceptance testing of the release
  • Once installation is complete, the computer should reboot as it is designed to.
  • Software update works across slow/unreliable connections.
  • Software update is supplied with an uninstall routine -- and it works!
  • Business-critical systems and services continue to run once the software update has been installed.

Step 4: Deploy
• Goals
  • Successfully roll out the approved software update into your production environment
  • Meet all of the requirements of any deployment service level agreements (SLAs) you have in place

Step 4: Deploy overview
• Deployment preparation
  • Communicating rollout schedule to the organization
  • Importing programs and advertisements from test environment
  • Assigning distribution points
  • Staging updates on distribution points
  • Selecting deployment groups

Step 4: Deploy: post implementation
• Post-Implementation Review
  • Ensure that the vulnerabilities are added to your vulnerability scanning reports and security policy standards so the attack does not have an opportunity to recur
  • Ensure that your build images have been updated to include the latest software updates following the deployment
  • Discuss planned versus actual results and discuss the risks associated with the release
  • Review your organization’s performance throughout the incident. Improve your response plan and include lessons learned.
  • Discuss changes to your service windows.
  • Assess the total incident damage and cost—both downtime costs and recovery costs.

More information?
http://www.telindus.be/Products+and+Services/Security/
http://www.microsoft.com/MOF
http://www.microsoft.com/windowsserver2003/techinfo/overview/quarantine.mspx

Questions?
KOEN.BLANQUART@TELINDUS.BE
HTTP://WWW.TELINDUS.BE