Antivirus Accidents and Patch Management Pitfalls

In the uncharted waters of a corporate network, there are threats and risks lurking in some of the most unexpected places.

In my time inspecting the IT environments of customers across North America, there are two areas that are commonly overlooked when battening down the hatches of even the sturdiest of IT vessels: insufficient antivirus software and operating system patches.

Security risks: antivirus missing in action

Due largely to the proliferation of dedicated broadband network connections, antivirus software has grown from a good idea to a business necessity. Yet many machines within an organization (those in the hands of remote users, for instance) are often neglected when antivirus software is deployed.

Then there are other storms to weather, such as the potential for antivirus clients to become disconnected from antivirus consoles or scheduled updating procedures. The reasons vary: corruption in the software itself, maintenance contracts lapsing without the knowledge of IT staff, or simple user-driven deactivation when privileges are not tightly managed. The net result is that a surprising number of machines are often in violation of the organization’s antivirus policy. And as we all know, you need only one leak to bring down the ship. The right discovery tool, fortunately, can help you track down and update these “rogue” machines.

Functionality risks: patches to the operating system

Patches are just that: improvements to software issued to patch “holes,” usually recently discovered flaws in the original design. Nowhere is this more true (or more important) than at the operating system (OS) level, where design flaws or newly uncovered security vulnerabilities can result in downtime or, worse, the very real possibility of compromising critical data. As a case in point, of the roughly 850 patches and “hotfixes” released for Windows XP, 18% address OS functionality, and 10% work to cover security vulnerabilities.

So if OS patching is so important, how is it that so many machines seem to go without the latest updates? The answer varies from technical issues surrounding a patch management solution to something as simple as a user disabling his Windows Update settings. One thing is true of all patch management solutions: a process with the fewest failure points will invariably be the most successful. This often translates into centrally managing the job of patch deployment, thus limiting the potential for end-user error. Setting and clearly defining your policies is only the beginning. To make sure your efforts count, you also have to be able to measure how well your users adhere to these policies.
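As an added illustration of measuring adherence (this is example code, not something from the column or from Softchoice), the script below audits a constructed inventory, of the kind a discovery tool would collect, against an antivirus and patch policy and reports each rogue machine with the reason it is out of compliance. The hostnames, dates and policy thresholds are all assumed values.

```python
from datetime import date, timedelta

# Policy thresholds (assumed values, not from the article).
POLICY = {"max_def_age_days": 7, "max_patch_age_days": 30}

# Constructed inventory records, as a discovery tool might report them.
# av_defs is None when the client has stopped reporting to the console.
INVENTORY = [
    {"host": "WS-001", "av_service": "running", "av_defs": "2024-05-10",
     "last_patch": "2024-05-08", "wu_enabled": True},
    {"host": "LAPTOP-RMT-02", "av_service": "running", "av_defs": "2024-04-01",
     "last_patch": "2024-03-15", "wu_enabled": False},
    {"host": "WS-003", "av_service": "stopped", "av_defs": "2024-05-09",
     "last_patch": "2024-05-08", "wu_enabled": True},
    {"host": "WS-004", "av_service": "running", "av_defs": None,
     "last_patch": "2024-05-01", "wu_enabled": True},
]
AS_OF = date(2024, 5, 12)  # fixed "today" so the results are reproducible


def audit_inventory(records, policy, as_of):
    """Return {host: [reasons]} for every machine that violates the policy."""
    violations = {}
    for r in records:
        reasons = []
        if r["av_service"] != "running":
            reasons.append("antivirus not running")
        if r["av_defs"] is None:
            # Client disconnected from the console: age cannot be checked.
            reasons.append("antivirus client not reporting to console")
        elif as_of - date.fromisoformat(r["av_defs"]) > timedelta(days=policy["max_def_age_days"]):
            reasons.append("antivirus definitions stale")
        if as_of - date.fromisoformat(r["last_patch"]) > timedelta(days=policy["max_patch_age_days"]):
            reasons.append("OS patches stale")
        if not r["wu_enabled"]:
            reasons.append("Windows Update disabled")
        if reasons:
            violations[r["host"]] = reasons
    return violations


def compliance_rate(records, violations):
    """Fraction of inventoried machines with no policy violations."""
    return (len(records) - len(violations)) / len(records)


if __name__ == "__main__":
    found = audit_inventory(INVENTORY, POLICY, AS_OF)
    for host, reasons in found.items():
        print(f"{host}: {', '.join(reasons)}")
    print(f"compliance: {compliance_rate(INVENTORY, found):.0%}")
```

A machine that has stopped reporting is flagged on its own, since a silent client is exactly the case the console cannot tell apart from a healthy one.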

As any seafarer knows, from galley slave to admiral, running a tight ship is immensely preferable to going down with it.

Dean Williams is a corporate services specialist for Toronto-based software consultancy Softchoice Corp.