Introduction

Why is Patching Important?

Keeping your endpoints updated with the latest patches is crucial to keeping your network secure. This practice is the first and last line of defense against exploits, whether they are existing or new. Therefore, patch and vulnerability management should be a cornerstone of your risk mitigation strategy. Not only does patching reduce risk itself, it also provides a foundation that AntiVirus and other security technologies leverage. You need to keep your systems patched!

As exploits that target your operating systems and business applications increase in volume and sophistication, your window for assessing and deploying security patches is key for mitigating risks, remediating vulnerabilities, and reducing overall costs.

This guide details best practices for using Ivanti Patch and Remediation. We've developed these practices for patch and vulnerability management over thousands of customer engagements. These simple, flexible practices revolve around Patch Tuesday.

Patch Tuesday

Patch Tuesday is a software industry event that occurs once a month. On this day, Microsoft (who invented the practice) and other software companies release a collection of security updates. Ivanti adds these updates to the Global Subscription Server, a cloud service that contains thousands of security patches.

You should plan your patch workflow around this day. Patching your endpoints shortly after the latest security updates are released ensures your endpoints' exposure to vulnerabilities is minimized.

The Monthly Patch Cycle

The following chart displays how you should prepare for, execute, and follow up on vulnerability patching.

The patch management process for every company will be different; each network is unique and has unique requirements. What's most important to remember is that these best practices run in a monthly cycle based on Patch Tuesday. Additionally, these best practices are iterative–you can modify them based on what you learn each patch cycle.

We recommend documenting your own version of the Patch Tuesday process and sharing it with your organization. These documents help communicate the importance of patching and how it helps workers do their jobs. In this best practice guide, we base the process around Patch Tuesday, but you can customize your patch process for your organization and its IT practices—with equally effective results.