This report says we’re 3,000 patches behind,” and, “Well, no, that’s right because we haven’t gone there yet.” What’s the balance? I can see a business owner and an IT person going, “Why are we behind? Well, we aren’t behind. Some people say you shouldn’t roll out patches right away. Then on top of that is you have the internal debates about what patches are important and when they should roll out. Another system might show you’re behind by many patches. One auditing system might show it’s up to date.
HIDDEN BUSINESS PROBLEMS PATCH
It also gets even more complicated because the different patch management systems out there whether it’s just Microsoft or whether you’re using third party patch management systems, they often give you different results that can leave you with a false sense of security. Great technology, but if patches are trying to be pushed to my machine is my tethered line going to accept those patches? That’s just one end point out of 1,000 potentially in an enterprise environment that how susceptible are we in our different environments. It’s funny, we were talking earlier in another meeting, I’m tethered. I’m working remote due to everything that’s going on in the world right now with COVID. What does it mean to make sure that patch management system is up to date every time a security patch is released? That’s a lot of work when you’re dealing with let’s say, 100 to maybe 1,000 end points with different connections. It’s I need one vulnerability within that to get into your system and to wreak havoc.
You look at people spend millions of dollars on security and what are the hackers look for? If you actually looked at some of the pieces that have been released over the last couple years is they’re not looking for some complex piece to get in your network. But the number of patches, while it does open you up to more problems, it only takes how many? One to kind of screw you.
It is like you said, it’s extremely complex to manage patch management. It’s generally thousands of patches and when you think about it across an organization you have different devices, potentially different operating systems. It’s so true when we’ve done these audits that it’s not a few patches that we’ve seen out of date. Well, let’s talk about that for a minute then. What is your Microsoft patch management program doing? How good is it? Because I can pretty much hit on that every time and it’s going to be huge to go ahead and revamp. That’s probably the one biggest thing that I always look at is patch management. We could spend a whole time just talking about patch management for Microsoft alone, let alone third party patching for other line of business apps. Most clients always think that’s such an easy piece and when you’re dealing with such complexity it’s easy to be overwhelmed when you don’t have proper systems in place and proper processes in place within that organization. I think one of the biggest pieces that I always look at is patch management. Every day you’re having to understand a new best practice for that specific tool, new configuration, and so a lot of what we see in these assessments is team members in these companies not being able to keep up with these best practices and configurations. Even I want to hit on technology moves so fast. Why don’t we get started with this and start off with James, what are a few of the top things you’ve seen in network audits that kind of were surprising to I guess both us and the businesses? Everybody reads the news, the security alerts that go out all the time, there’s breaches all the time, but hopefully our discussion today will kind of enlighten everyone’s mind to some of the things that can be going on in a business that business owners or leaders may not even know about or could be happening just because people are too busy and not looking.
We want to make sure today that people listening, you know, this isn’t about scaring you and making you worry about crazy things that can happy in your network because we have that every day. It’s really interesting to find some of these things. What we’ve kind of found over the years … I mean, we’ve found some really surprising things when we’ve gone into companies and looked at their networks. James is here because he’s been involved in a massive number of audits and assessments for many different types of organizations and their networks. That sounds way better, but they do lots of automation too. James runs the … What do you call yourself? The automation and proactive team? Today we have James Schmidt here from JMARK. Welcome world to another episode where we’re going to talk about some fun and exciting things. Welcome to the JMARK Business Innovation Technology Experience.
0 kommentar(er)
