Regular patch management is crucial for the security of the computer network of your business.
Whether it is from Microsoft, Adobe, Quark, Océ, Kodak, Xerox, or for SmartBoard, PitStop, Quite Imposing etc., patches are released by software vendors usually to address security issues or to provide bug fixes. Occasionally they enhance or add new features.
Because software security vulnerabilities are the most common ways through which malware can penetrate your computer network, patch management is a good security blanket. While antivirus solutions are great for detecting and removing malware once it is detected on your system, security patches are aimed at closing the doors that malware can use to reach to your system.
Since 2005, there have been over eleven million records breached, according to Privacy Rights Clearinghouse. And those are just from the publicly disclosed data breaches. The large majority of security vulnerabilities that led to those data breaches could have been fixed by applying the latest patches provided by software vendors. But as we know, commercial printers have unique environments with sometimes ridiculously outdated hardware and software – Novell 3.1 anyone? How about that DocuTech 1.0 with software that can only be fixed by that guy in California?
Then you have Canon, Xerox, and Océ with their servers and workstations that no one knows what they are doing other than we “just send files to them”. And you can’t update them either, or something will break. We still have a couple of those stuck on Windows XP, or Windows 7.
If you need more proof about the critical nature of patch management, according to ServiceNow, as noted in this article, a survey of nearly 3,000 cybersecurity professionals around the globe found that “almost half of organizations suffered a data breach in the last two years. Of these, the majority said that they had been breached because of a vulnerability—for which a patch was already available.” (more…)