By not applying software patching you, in all likelihood, leave the door open for malware attack. According to InfoWorld, "unpatched software is the top reason computers get exploited." And according to the Microsoft Security Intelligence Report, approximately six thousand new vulnerabilities surface each year - that works out to an average of 15 per day!
The majority of small businesses do not have a reliable patch management process, according to new survey of IT professionals released by Trustwave. Furthermore, many IT administrators admit that the task of software patching is tedious, time-consuming and even confusing. And while there are software vendors that offer their solution to the software patching dilemma, the bottom line is that someone from your IT department has to [reluctantly] learn that vendor's product and consequently be responsible for making sure the patching gets done. Patching is a dirty, endless and thankless job. Yet, aren't we putting the cart before the horse? What if instead you knew exactly which updates are missing? As the saying goes, "forewarned is forearmed."
A lean, robust, stable and secure Active Directory will determine how well your Windows infrastructure performs. According to IT surveys, however, that well-tuned and secure Active Directory infrastructure is the not always the case.
In many organizations Active Directory Domain Services (ADDS) is the primary method for access management. Consequently, access to systems, information and connections is often governed by information in Active Directory. User objects and computer objects play a big role in this model, since they represent both physical and virtual objects within the organization.
Unfortunately, not every organization acknowledges the importance of an up-to-date and lean Active Directory infrastructure. There are several reasons for this: (1) inadequate manpower, (2) not having sufficient personnel with the required skill-set, (3) not having the appropriate mandate from management, just to name a few.
The following scenarios are typical in over 50% of companies surveyed:
Those responsible for securing their IT infrastructure face particular challenges. Every organization experiences continued growth in the number of desktop and remote clients, such as laptops, tablet computers and smartphones that have to be supported by the organization, with each device looking to connect to the corporate network. The potential for security breaches is greater than ever.
Endpoint Protection provides client and server operating systems protection against the latest malware threats. Endpoint Protection is integrated with Microsoft's System Center Configuration Manager (SCCM). And since Endpoint Protection is built on System Center Configuration Manager, the GUI interface experience provides administrators a unified infrastructure for client security and compliance management. Endpoint Protection allows the IT administrator to manage anti malware policies and Windows Firewall security for computers within the Configuration Manager hierarchy.
Custom anti malware policies can be implemented [specific to devices configuration], and then deployed to client computers and monitored using System Center Configuration Manager. In addition, Endpoint Protection provides highly granular reporting.
Automation has become the mantra for business owners looking to move away from a reactive, break-fix model that has been the legacy trademark of the traditional IT infrastructure. In the past, management has [reluctantly] accepted the notion that random IT downtime is an expected part of running their business. That notion is no longer acceptable by management and consequently IT departments have responded by putting into place service level agreements (SLA) and other metrics in order to satisfy management.
While establishing SLA’s is obviously a step in the right direction, that alone does not address the issue. The issue being, how to go from a reactive, break-fix model to a proactive, automated approach. The fact is, automation offers cost-saving potential to any business willing to adopt an automation-centric model. So the question is, where do you begin?