Tustin, CA – The most interesting part of this BlueCross BlueShield announcement is not that they found the breach on August 5th. What is interesting when you read further into the announcement is that they say “Our investigation further revealed that the initial attack occurred on December 23, 2013.” That is well over 20 months ago. Who really knows what was going on for 20 months?
Alvaka Networks regularly does Executive Luncheonss on the topic of cyber security as well as regular consultations with clients. We regularly warn clients that they have likely been breached and they just don’t know it. BlueCross BlueShield is a prime example.
Periodic review of your security practices, your security policy, user training and log review amongst other practices are in order. If you have not done those things recently let this serve as a wake up call.
Smoke testing is a term used to describe the testing process for servers after patches are applied. 
Estimating an average time for patching servers and PCs can be a bit tricky. It can vary from one month to the next, depending upon the number and complexity of the patches released by your software vendors. You must consider all versions of operating systems and have a complete inventory of all your application software to do this job correctly. Our experience has shown that manual patching of systems takes on average of about 1.5 hours each.
This is a basic cost calculator for you to compute your typical monthly cost for patching your servers, PCs, laptops, tablets and associated application software. It also forms the basis for you to begin calculating your Return on Investment for software patching, or for comparison with alternatives to the manual process of patching operating systems and application software—such as Patch Management as a Service, also known as Vulnerability Management as a Service.