Patching Becoming a Major Resource Drain for Companies
Need to stay on top of threats such as Blaster poses burden to users
Computerworld - Last week's W32.Blaster worm, which affected thousands of computers worldwide running Windows operating systems, highlighted the enormous challenge companies face in keeping their systems up to date with patches for vulnerabilities, users said.
Companies that, ahead of Blaster's rampage, had installed Microsoft Corp.'s patch for a flaw identified last month said they felt no effect from the worm. But the seemingly constant work involved in guarding against such worms is becoming a burden that could prove unsustainable over time, users said.
"The thing about patching is that it is so darn reactive. And that can kill you," said Dave Jahne, a senior security analyst at Phoenix-based Banner Health System, which runs 22 hospitals.
"You need to literally drop everything else to go take care of [patching]. And the reality is, we only have a finite amount of resources" to do that, Jahne said.
Banner had to patch more than 500 servers and 8,000 workstations to protect itself against the vulnerability that Blaster exploited. "I can tell you, it's been one heck of an effort on a lot of people's part to do that," Jahne added.
For the longer term, Banner is studying the feasibility of partitioning its networks in order to minimize the effect of vulnerabilities, he said.
Adding to the patching problem is the fact that companies, especially larger and more distributed ones, need time to properly test each patch before they can deploy it, said Art Manion, an Internet security consultant at the CERT Coordination Center at Carnegie Mellon University in Pittsburgh.
That's because patches haven't always worked or have broken the applications they were meant to protect, said Marc Willebeek-LeMair, chief technology officer at TippingPoint Technologies Inc., an Austin-based vendor of intrusion-prevention products.
Companies also need to schedule downtime in advance to deploy such patches, said Kevin Ott, vice president of technology at Terra Nova Trading LLC, a Chicago-based financial services firm.
"We work in a 24-by-7 environment, so there is a limited scope for downtime" in which to deploy patches, he said.
But the stunning quickness at which Blaster exploited Windows' remote procedure call vulnerability is a sign that companies are going to have to respond to new threats even faster than they do today, said Chuck Adams, chief security officer at NetSolve Inc., an IT services company in Austin.
Although worms such as SQL Slammer didn't appear until eight months after the vulnerability was announced, Blaster was released in just one month, Adams said.
That means companies will need to somehow find ways to lessen the time it takes to test and deploy patches, said Vivek Kundra,
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The Threat Landscape Hardly a day goes by without the discovery of a new cyberthreat somewhere in the world! But how do you keep up with...
- Security for Virtualization In the rush to implement virtualization, security has become second. So while the business benefits are clear, the risks are less well documented...
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Malware and Vulnerabilities White Papers | Webcasts