4 min read

The Role of Windows Patch Management in Malware Prevention

Featured Image

The Role of Windows Patch Management in Malware Prevention

Have you suspected that cyberattacks on businesses are increasing in sophistication? A 2017 report confirms that success via these malicious events stems from three primary factors:

  1. More sophisticated threats along with new attack vectors and a greater number of offensives

  2. The increasing complexity of IT environments, with an overpopulation of devices, systems, and connections

  3. Challenges to traditional antiviruses that are not evolving at the same pace as the attacks

As many of these attacks are carried out by malicious software or malware, and ransomware now tops the list of the fastest growing malware threats. According to the U.S. Department of Justice, daily ransomware occurrences rose by 300 percent over the past two years.

Ransomware is hitting certain industries especially hard. Based on the 2017 Verizon Data Breach Investigations Report, ransomware accounts for 72 percent of malware incidents in the healthcare sector. It’s a problem that requires constant attention and one that responds to a well-designed Windows patch management strategy, among other remedies.

Why Windows Patch Management Matter

You’ve probably heard of the latest ransomware attack called WannaCry (or WannaCrypt), which infected more than 250,000 computers running Windows within just the first 24 hours after its release. This particular piece of malware focused on a vulnerability found in the Server Message Block (SMB) protocol used in almost every Windows system.

While there wasn’t much good news for affected businesses, many organizations had implemented the latest Windows security patch just a short time before, preventing further spread of the malware. Those lacking a system for Windows patch management faced data loss due to permanently encrypted files.

The WannaCry malware also showed that cyberattackers are shortening the timeframe needed to exploit systems lacking the latest security protections. Less than 30 days passed from the patch release to ransomware delivery. That means installing patch updates every two to three months may not be enough to combat the latest malware.

Download the Data Security Guide: Learn how to prevent, detect, and contain a  data security incident.

Alternatives to Centralized Patch Management

While Windows patch management keeps your systems secure against many vulnerabilities, it can be difficult to keep up with the large number of software updates. Because of this, you may want to consider other complementary strategies.

Automate processes. Automating patch management can significantly reduce IT man-hours, and offers an ROI that can’t be ignored. The downside can be the lack of control associated with manual patching. As you evaluate an automated patch management solution, consider which platforms are covered, how patch validation is accomplished, and ensure you have the ability to rollback a patch—when needed.

Move to the cloud. As you transition other IT processes to the cloud, it may be an efficient way to handle patches and updates. You’ll want to consider the importance of the system being patched, the potential vulnerabilities, and the exposure level based on where the operating systems are located.

Outsource patch management. Since patch management is one of those IT processes that can consume a lot of manpower, it may be the perfect candidate to move to a managed service provider. You’ll free up your staff to work on revenue-producing initiatives, while locking down security.

How a Managed Service Provider Can Help

You probably know that Windows patch management can be a challenge for your IT department. The process is time consuming, and can be tedious and inefficient. But the continued threats from malware and the increase in ransomware families elevate patch management as a key preventative measure. That’s why many businesses are turning to managed service providers to handle these processes.

A managed service provider handling patch management will regularly monitor all sources to locate necessary patches. They will also evaluate your systems for missing patches and deploy updates, beginning with the highest priority. You should expect a summary report that confirms the successful deployment of needed patches.

It is also recommended that managed service providers update your configuration standards to avoid installing redundant patches to new or re-imaged devices. After this update, regular audits of your devices can confirm that operating system and application patch compliance continues over time.

No matter how you approach patch management, it is a key security process that can’t be neglected.

Data Security Guide: Prevention, Detection, and Containment