Presentation is loading. Please wait.

Presentation is loading. Please wait.

Patch Management Patch Management Best Practices

Published byDwight Brooks Modified over 6 years ago

Similar presentations

Presentation on theme: "Patch Management Patch Management Best Practices"— Presentation transcript:

1 Patch Management Patch Management Best Practices
Steve Thamasett, CISSP, MCSE, NSA IAM November 7, 2003

2 Agenda Current Patch Management Situation
State of connected devices / users Spread rate for Code Red Business Drivers and Challenges Lost revenue due to downtime The INS Solution Process based Patch Management Service Features & Benefits Phase by phase descriptions Case Study

3 Current Situation Industry Security
14B devices on the Internet by 20101 35M remote users by 20052 65% increase in Web sites3 90% detected security breaches4 85% detected computer viruses4 95% of all breaches avoidable with an alternative configuration5 Security 1 Source: Forrester Research 2 Source: Information Week, 26 November 2001 3 Source: Netcraft summary 4 Source: Computer Security Institute (CSI) Computer Crime and Security Survey 2002 5 Source: CERT, 2002

4 Code Red Virus Infection
July 19, :00 – 159 hosts infected

5 Code Red Virus Infection
12 hours later – 4,920 hosts infected

6 Code Red Virus Infection
12 hours later (24 total) – 341,015 hosts infected JANUARY SQL SLAMMER WORM: same spread in TEN MINUTES

7 Business Drivers New vulnerabilities released daily
Widespread publicly leads to releases of exploits Vendors must provide quick turnaround on patches

8 Business Challenges Internet facing systems typically patched first
Two fundamental past assumptions: The threat of attack from insiders is less likely and more tolerable than the threat of attack from outsiders. A high degree of technical skill is required to successfully exploit vulnerabilities, making the probability of attack unlikely. Threat profile and potential risks have increased Viruses can now be delivered through common entry points, automatically executed, and then search for exploitable vulnerabilities on other platforms.

9 Our Business-Centric Approach
Patch Management is a Process, not a Tool Links Business Imperatives to Network Solutions Quantify value of new initiatives Optimize existing infrastructure Identify best-of-breed solutions Employ proven best practices and methodologies Collaborative infrastructure and culture to multiply consultant value Knowledge transfer for sustainable results Formal quality program from initiation to close-out

10 The INS Solution Patch Management Service
Facilitate and establish a patch management process Plan and design a comprehensive patch management process Assist in the Implementation of the process

11 Patch Management - Features
Network Device and Host Inventory Determines your organization’s network and host inventory. A clear understanding of the devices and hosts within the organizations infrastructure must be defined and inventoried.

12 Patch Management - Features
Network Device and Host Assessment Maps your IT infrastructure to the patch management process. Suggested patch management solutions based upon findings

13 Patch Management - Features
Patch Monitoring and Discovery Builds the procedures for monitoring patches as they are released. Includes monitoring of all appropriate security intelligence sources required to identify any exposures or vulnerabilities that may impact the organization.

14 Patch Management - Features
Patch Evaluation Investigate, evaluate and test patches in accordance with business objectives, security and IT operational goals. Generation of a formal plan and documentation to govern the testing based on the type of system and vulnerability

15 Patch Management - Features
Patch Implementation Develop tools and templates to integrate with your change management policy. Develop the standard Security Advisory template Develop the procedures for the patch to go from testing, to implementation, including updating standard builds as needed.

16 Patch Management - Features
Patch Maintenance Develop tracking and reporting mechanisms Develop security awareness processes

17 Patch Management – INS Expertise
Strength of Security, Operating Systems, and Network and Systems Management consulting expertise Successful track record INS has the expertise and business-focused methodology to identify and quantify operational risk, engineer the right management and delivery process, and align quantifiable results to our customers’ business goals

18 Patch Management - Benefits
Proactively identify and remediate IT security vulnerabilities Focuses IT and security on the right set of problems to address Improved service performance and availability by optimizing business and systems processes Adds value to ongoing business initiatives, business continuity, reducing operating costs, and security mandates

19 Patch Management - Deliverables
Executive summary report A patch management process Recommendations and a plan for implementing a patch management process Plan for maintaining the patch management process lifecycle Client Engagement Book Knowledge transfer

20 CS: Patch Management Government contractor in healthcare space
DITSCAP and HIPAA concerns Server / Workstation profile One primary datacenter (~50 Wintel servers) 25-30 remote locations (1-3 Wintel servers each) ~1000 seats total (Wintel platform) Requirements Server / workstation hardening Process for maintaining secure environment DoD oversight for security Periodic network and system scans Review of process and procedures

21 CS: Patch Management Discovery Phase Assessment Phase
Network scans using ISS System scans with HFNetChk / MBSA Assessment Phase System scans with SRR scanner Issues with “vendor provided” systems Patch Monitoring / Evaluation Phase Development of regular list monitoring Developed lab for testing Patch Implementation Phase Change management process Patch evaluation and deployment process

22 Customer-centric, business-driven approach
The INS Advantage Customer-centric, business-driven approach Our primary approach is to relate technology strategies to business objectives We employ our highly documented Business Value Justification (BVJ) methodology throughout each engagement to ensure that measurable business value is delivered in terms of increased productivity, cost avoidance, asset protection, and business enablement. Our team works side-by-side with our customer’s team to develop tailored solutions that meet their objectives We focus on knowledge transfer to ensure that your staff becomes self-sufficient quickly

23 The INS Difference Vendor independence Business-centric focus
Optimal solutions to build, manage, and secure your network Business-centric focus Link business imperatives to network solutions Experience 15,000+ engagements Expertise 1,200 certifications in 96 categories Mature support systems KnowledgeNet Quality assurance program Collaborative culture Engage one, get the “team”

24 Thank you Steve Thamasett, CISSP, MSCE, NSA IAM
Web:

Download ppt "Patch Management Patch Management Best Practices"

Similar presentations

Microsoft ® System Center Configuration Manager 2007 R3 and Forefront ® Endpoint Protection Infrastructure Planning and Design Published: October 2008.

Microsoft ® System Center Configuration Manager 2007 R3 and Forefront ® Endpoint Protection Infrastructure Planning and Design Published: October 2008.
Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.

Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Security Controls – What Works

Security Controls – What Works
Boost your network security with NETASQ Vulnerability Manager.

Boost your network security with NETASQ Vulnerability Manager.
By Saurabh Sardesai www.starvaluemodel.com October 2014.

By Saurabh Sardesai October 2014.
Computer Security: Principles and Practice

Computer Security: Principles and Practice
Patch Management Strategy

Patch Management Strategy
IT:Network:Microsoft Applications

IT:Network:Microsoft Applications
Basel Accord IITRANSITIONSERVICES Business Integration Support FCM Management Limited Paris New York Toronto.

Basel Accord IITRANSITIONSERVICES Business Integration Support FCM Management Limited Paris New York Toronto.
Website Hardening HUIT IT Security | Sep 30 2011.

Website Hardening HUIT IT Security | Sep
Financial Advisory & Litigation Consulting Services Risk Management 2006 September 14-15, 2006 The Metropolitan Club, New York, NY Workshop B: Information.

Financial Advisory & Litigation Consulting Services Risk Management 2006 September 14-15, 2006 The Metropolitan Club, New York, NY Workshop B: Information.
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
QAD's Customer Engagement Dan Blake Consultancy Development Director, QAD QAD Explore 2012.

QAD's Customer Engagement Dan Blake Consultancy Development Director, QAD QAD Explore 2012.
The Evergreen, Background, Methodology and IT Service Management Model

The Evergreen, Background, Methodology and IT Service Management Model
Presenting The Broker-Dealer Certification Tool The Compliance Department Inc. Broker Dealer Compliance Consultants Compliance SCORE Powered by Keane BRMS.

Presenting The Broker-Dealer Certification Tool The Compliance Department Inc. Broker Dealer Compliance Consultants Compliance SCORE Powered by Keane BRMS.
What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.

What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.
THE REGIONAL MUNICIPALITY OF YORK Information Technology Strategy & 5 Year Plan.

THE REGIONAL MUNICIPALITY OF YORK Information Technology Strategy & 5 Year Plan.
Security Overview for Microsoft Infrastructures Fred Baumhardt and James Noyce Infrastructure Solutions and Security Solutions Teams Microsoft Security.

Security Overview for Microsoft Infrastructures Fred Baumhardt and James Noyce Infrastructure Solutions and Security Solutions Teams Microsoft Security.
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.

Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.

Similar presentations

Ads by Google