Vulnerability Management: Beyond Patching

ByDaniel Gottilla

Vulnerability Management: Beyond Patching

Much of the time, businesses associate vulnerability management with patching and other types of IT repairs. To an extent, this is true; a large part of protecting your network against potential damages is to find the holes in your system and repair them.

However, patching is really only a temporary IT solution. Over time, continually relying on patches can start to wear on a system to the point where the solution becomes a problem of its own. It’s a lot like a favorite pair of jeans. One or two holes can be fixed with a needle and threat or funky patch, but there comes a point where your original pants are all but gone, and what you’re looking at is a collection of mismatched repair jobs.

There are a number of reasons why this might provide a strain on your system – and your bottom line.

• Some patches aren’t adequate to fix an entire problem. They may provide an immediate solution, but without follow-through work, the hole might simply reappear.
• Patches typically work for one issue only. You might be required to install several patches for several different holes; this is neither time-effective nor cost-effective in the long run.
• Your entire system can be burdened by “over-patching.” Instead of one, streamlined system, you’re relying on a bulky system that may require additional time for processing data.
• Relying on patches means you stop looking at the bigger picture – a good, well-working system. Instead of spending a few hours every week addressing problems on your out-of-date system, you could upgrade your network and let your system operate at its maximum potential.

System patches do have a time and a place in IT vulnerability management – they can secure your system and let you get back to the job you do best. However, if you find yourself spending more than a few hours a month addressing patches, or if your system hasn’t been upgraded (or checked by an IT professional) in a year, it might be time to readdress your vulnerability management plan.