T

he unfortunate truth about patching is that it’s always been a problem. But until recently, it wasn’t a big enough problem. There simply weren’t a lot of endpoints, and those that did exist were usually safe behind company firewalls. It also helped that there were very few hackers with the skills to penetrate networks.

Most patch management solutions have used the same formula since the 90’s. Install a central server on-premise to scan for vulnerabilities and push patches out - typically just for Microsoft vulnerabilities. To patch other operating systems and 3rd party software, you;re required to use a manual process.

Some newer patching tools have been developed specifically for Mac OS X or to manage 3rd party applications. But they don’t address other operating systems such as Linux, which has forced users to rely on scripting through configuration management tools to handle patching.

Patching is one of the most critical security protocols in your organization, yet it has remained a time consuming and inefficient process for organizations. Patching is a prime example of how automation can be implemented to simplify a routine process while also improving your security position. What you need is a patching system of record.

We’ve established that effective patching has been ignored for too long, and we know why that was originally the case. But why is it still an accepted practice? Like most change, it came slowly and then all of a sudden.

The importance of patch security changed roughly ten years ago. While Salesforce pioneered using the cloud to deliver their software to end users in 1999, it wasn’t until 2006 that Amazon Web Services and Google Docs launched. By 2010, when Microsoft released Azure, using cloud infrastructure had evolved beyond early adopters.

At the same time, on the consumer side, Apple released the iPhone in 2007, followed by Android in 2008, and then the iPad and tablets in 2010. These devices changed the way end users connected to company networks.

These two simultaneous shifts resulted in increased productivity, reduced costs, and improved operational efficiency. Unfortunately, from a security standpoint these tremendous gains in how we work created significant security risks.

Most organizations continued to use their existing patch process, which doesn’t account for cloud infrastructure or remote endpoints. For a time this was an acceptable risk, cyber attacks were increasing but the odds of being breached were still relatively low.

2015 became the watershed year for cyber attacks. According to PwC, security incidents increased by 38%, the largest jump in 12 years. Since that time both 2016 and 2017 have seen further increases in cyber attacks. The slow change from 2006 to 2015 became sudden in 2016.

Most patching providers focused their efforts on other product improvements, meaning their patch remediation was quickly becoming antiquated. And since there had been little innovation, companies accepted the status quo. Thus, patching is still considered a mundane, difficult task that is often de-prioritized until it absolutely has to be done.

Automox formed in 2016 to address these specific issues. We started with a simple idea, there has to be a better way to patch. Our cloud native solution was intentionally designed to patch Windows, Mac OS X, and Linux distros from a single dashboard. You can also natively patch 3rd party software with Automox.

As a cloud native solution utilizing a lightweight agent, Automox patches remote devices and cloud infrastructure as easily as on-premise endpoints. As long as the endpoint is connected to the Internet, it can be patched.

The ability to patch every endpoint in your infrastructure, across operating systems and applications, in minutes instead of days of weeks, has made Automox the patching system of record.

About Automox

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.

Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.

Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.

More posts like this:

Patch Management