You’ve had a breach – how do you successfully roll out an emergency patch?

Daniel Robinson, Technical Support Engineer at Foundation IT, takes us through the steps to successfully implement an emergency patch in the event of a data breach.

Patch management has remained a significant challenge for Chief IT Officers since the beginning of the pandemic. CTOs faced mounting pressure to swiftly enable remote working for large and often dispersed teams, all whilst ensuring no compromises were made to security or to data that had previously been comfortably protected within the office’s four walls.

Earlier this year, Microsoft was forced to issue an emergency security patch after a cyber-attack exploiting an exposed vulnerability affected millions of Microsoft Exchange clients around the globe. The attack had repercussions for UK SMEs that rely on its software, many of them unaware they were victims of an attack.

Vulnerabilities in tech are regularly unearthed, and in response, vendors issue security updates to close any weaknesses before a hacker exploits them. The truth is that patching remains the most important thing you can do to secure your IT, even if for many professionals it is a run-of-the-mill, basic principle.

A large majority of data breaches happen because of inadequate patching. 60% of breach victims say they were breached due to an unpatched known vulnerability where the patch was not applied. In the hybrid workplace, teams are working in a more dispersed way across a blend of work and personal devices, creating new vulnerabilities that are being exploited every day.

As the hybrid workplace model pushes new priorities to the top of the list, it can leave companies more exposed and make emergency patching inevitable at one time or another. So, with that in mind, how can you successfully minimise the damage caused when you next need to roll out an emergency patch?

1. Identify the vulnerability and further potential pitfalls  

Patching introduces risk: no matter how well a release update or patch is planned and practised, there will be occasions where it contains major vulnerabilities. Not all vulnerabilities pose the same threat, so they must be identified quickly so that they can be fixed before cyber-attackers exploit them. Communicate the exposure to all teams involved to prevent the threat from reaching the next level and to aid a rapid response.

For the majority of vulnerabilities, a mitigation is discovered almost as quickly as the vulnerability itself is identified. But this mitigation often involves disabling components of the software or operating system, or making them cease to function. This can cause numerous headaches within a business that uses these features daily. You must then weigh up whether the vulnerability carries enough risk to warrant losing functionality in your systems for a brief period until the vendor can design a full update or patch. A common pitfall I’ve seen is businesses that implement workarounds or mitigations for vulnerabilities but never get the time or business sign-off to apply the fixes or patches which ultimately fully resolve the issue.

Vulnerability management often feels like trying to fix an old bathtub: just when you fix one leak, another one appears.

2. Have in place regular patching routines  

Patch updates are a way for developers to bring improvements to their solutions: fixing bugs, introducing new features, and delivering stability updates. These updates will provide a business with a more efficient and secure way of working by uncovering hidden vulnerabilities, so introduce a routine that regularly allows patch updates to be made.

Although patching has earned an unfavourable reputation as a cause of business downtime and interruption, condensing your patching into one monthly activity will help avoid a company-wide disturbance if and when an emergency patch needs to be rolled out. On average, a calendar month contains 730.5 hours, so in theory, there should be a small window in this time where an update can be performed. In addition, for hybrid workers, having one day dedicated to patching will allow managers to plan tasks around this scheduled downtime, helping to avoid loss of productivity and disturbance to scattered teams.

3. Give IT teams the right tools to detect and patch in a timely manner

To have effective security controls, understanding the assets you have within your “premise” is essential. Good asset management can help avoid security crises by enabling workers to take remedial action before a threat develops. The best patch management software will make managing and updating assets simpler and identifying vulnerabilities easier – by scanning for updates, reporting missing patches, and alerting to any weaknesses. 

Azure Virtual Desktop (formerly Windows Virtual Desktop) typically makes rolling out changes and updates and performing maintenance a lot easier. Regardless of the desktops you provide to your hybrid workforce, they all stem from a single bootable desktop image which can be updated or changed as required. These changes can also be deployed during a scheduled maintenance window, and the system can then rebuild the desktop pools so that the user will log in to a fully updated platform the following day, potentially being none the wiser.

4. Prepare for emergency patching  

Planning for emergency patching is not simple and will require some disturbance to workflow during a given period. Communicating to teams why an emergency patching plan is important will alleviate some of the disruption and reiterate the need to embrace patching as part of your company culture. Hybrid teams often work on virtual desktops such as Azure Virtual Desktop (née Windows Virtual Desktop), use Microsoft Teams, or access work documents via the cloud, so keeping them updated with any planned practice rollouts will allow them to reprioritise their workload and may even help to spot any potential problems.

5. Conduct reviews and adjust your patching process  

Conducting a thorough review following an emergency patch rollout will enable you to understand the vulnerabilities that were present and to monitor whether the patch update has been compliant and whether the threat level has been significantly reduced.

Consider the process and what worked well – were there any errors that could have been avoided? Is there a need to introduce a new stage of the process to ensure compliance? Taking the time to reflect on the actions leading up to the emergency patch and the impact of the update will help simplify the process for the next time there is a threat to your IT.  

6. Use a security partner who has end-users in mind  

Using a security partner who considers the experience for end-users means vulnerabilities are quickly picked up and rectified before they are exploited and reputation is put at risk. Outsourced IT teams can schedule routine system updates around a time that is convenient for your company, eradicating the need for in-office-hours downtime and the wrath of disgruntled employees who were caught off-guard by the latest patch update cycle. This in turn gives peace of mind if an update happens to go wrong, with experienced IT teams identifying and correcting the issue without compromising security.

Planning for an emergency patch is invaluable and will save your business interruption the next time your update goes wrong. 

Emergency patching can be a stressful time for all, but knowing your process inside and out will help you get prepared for the next time you need to roll out a fix.   

Author

Daniel Robinson is Technical Support Engineer at Foundation IT. An ITIL certified practitioner, Daniel’s passion for IT, broad-ranging experience, analytical thinking, and logical work ethic enable him to provide excellent customer support and resolution for a diverse range of clients. Foundation IT works with forward-thinking organisations that are looking to maximise the benefits from their IT infrastructure. Its Managed IaaS and Azure IaaS solutions and services are designed for people that believe their IT Infrastructure should be consumed as a service.
