Patches, patches, everywhere...

So Tuesday was a mega-patch day, we had both Microsoft and Oracle with their biggest ever patch offerings. The good news is they are at least they are sending out patches.The less positive news is how long it will take organisations to install...

Share

So Tuesday was a mega-patch day, we had both Microsoft and Oracle with their biggest ever patch offerings.

The good news is they are at least they are sending out patches.The less positive news is how long it will take organisations to install them, including those organisations that run systems and applications as a service.

Successful collaboration in the cloud depends upon, among other things, information assurance. Information assurance is the ability of an organisation to manage risk to the governance, compliance, confidentiality, integrity and availability of its information. One key piece of this is configuration and patch management, with timeliness of deployment being the critical metric.

If you use an {X}-as-a-Service and you haven’t already asked, then ask the service provider about their patch management process and how long it will take for the systems to be brought up to date.

A great deal of ‘noise’ is made around the patches released by household software brands, but what about the others with a lower profile? What about Open Source packages? Security is only as strong as the weakest link, in this case the unpatched vulnerability which has become known to all.

By Guy Bunker, Jericho Forum board member

Promoted