What is Enterprise Patch Management?

What is Enterprise Patch Management (a.k.a. the application of software security updates according to NIST SP 800-40r4)? The National Institute of Standards and Technology (NIST) just released Report 800-40r4: Guide to Enterprise Patch Management Planning: Preventive Maintenance for Technology. [...]

What is Enterprise Patch Management?2022-04-08T13:23:38-07:00

Disk Encryption and Software Patching Provide Safe Harbor and Good Security Practices to Protect Against Theft and Data Breaches

A recent article in the Los Angeles Times says, “A new analysis of government records, published Tuesday in the journal JAMA, found that close to a thousand large data breaches affected 29 million medical records between 2010 and 2013. Nearly 60% [...]

Disk Encryption and Software Patching Provide Safe Harbor and Good Security Practices to Protect Against Theft and Data Breaches2015-04-16T16:08:11-07:00

Why are Patch Management and Change Management Important?

Alvaka Networks has arguably the best and most sophisticated patch management process in the Orange County, Los Angeles County and possibly the US.  Not many firms can deploy vast quantities of patches to valuable high availability servers and PCs with smoke testing qualify control while following the sun globally during selected narrow service windows.

Change Management
Change management is vital to every stage of the patch management process. As with all system modifications, patches and updates must be performed and tracked through the change management system. It is highly unlikely that an enterprise-scale patch management program can be successful without proper integration with the change management system and organization.

Like any environmental changes, patch application plans submitted through change management must have associated contingency and backout plans. What are the recovery plans if something goes wrong during or as a result of the application of a patch or update? Also, information on risk mitigation should be included in the change management solution. For example, how are desktop patches going to be phased and scheduled to prevent mass outages and support desk overload? Monitoring and acceptance plans should also be included in the change management process. How will updates be certified as successful? There should be specific milestones and acceptance criteria to guide the verification of the patches' success and to allow for the closure of the update in the change management system....

Why are Patch Management and Change Management Important?2021-01-27T21:42:49-08:00

Expect a Big Microsoft Patch Tuesday on February 12th

Microsoft is releasing 12 patches on Tuesday for a near record 57 vulnerabilities.  This release is only bested by the 64 vulnerabilities of April 2011.Five of the patches are critical.  Two of those five are for Internet Explorer versions 6, [...]

Expect a Big Microsoft Patch Tuesday on February 12th2013-02-11T23:01:00-08:00

The Java Problem Just Got Worse

Be careful where you go to update your Java software.  There is new malware masquerading as a Java update. If you are a current client and your company is concerned about this security risk and you feel you need some [...]

The Java Problem Just Got Worse2018-08-22T11:22:39-07:00