Patching is a very common term in IT system administration. So what are patches for and how important are they for IT security?

Generally patches are software updates which fix certain bugs in the software. Nowadays theses patches also contain hot fixes which safely close security vulnerabilities in software.

It is highly recommended to install available patches when they’re released; however, it is always wise to study the technical release note. A technical release note provides some important information about the software patch itself such as the requirements, conditions and full description of the patch.

“Never touch a running system” is a common slogan known by system administrators, and it’s because of this slogan that some system administrators prefer not to install a patch immediately into their productive environment as soon as it has been officially released.

In many cases the system administrator will be happy to install a certain patch, if he/she comes to the conclusion that they have no other option available to fix a noticeable malfunction in the software which is causing trouble in his productive environment.

But many system administrators are not aware that patches also fix severe security bugs in the software which may not be directly visible to them and a delay in patching the software means keeping their corporate network unsecure. Security holes in software are a real danger in corporate environments as it opens doors for hackers and spammers. It does not take long for a hacker or spammer to identify and take advantage of such vulnerabilities, often with a system administrator not even realizing this.

Therefore I strongly believe that keeping software up-to-date contributes greatly to keeping your corporate network safer and there are many reasons why professional patch management software can be of great assistance to a systems administrator.

  1. It keeps you automatically informed about new patch releases. Each release note for a different product can be viewed conveniently from one centralised user interface. It saves me a lot of time and I do not need to worry anymore about missed patches thereby keeping my network safer.
  2. Patches can be downloaded easily, fully automated and completely without requiring my presence. Furthermore, I can control the patch deployment workflow for my whole corporate network from my desktop.
  3. The planning and deployment of software installations is much faster requiring just a few clicks.
  4. Monthly reports are common in the industry but creating a professional report consumes a lot of time and requires some effort to collect the necessary data. Monthly inventory reports can be scheduled with professional patch management software. Furthermore, reports are customizable and the parameters can easily be changed.