The global Covid-19 pandemic created a sudden and dramatic shift to working from home (WFH) that caught many organisations off guard from a security perspective. Specifically, in the case of patch management, many organisations quickly discovered that their current solutions struggled to work effectively in the new remote working environment.
Employees are no longer under the watchful eye of IT and security teams at a time when security threats are increasing from malicious actors seeking to take advantage of the pandemic. With so much to do already, IT and security teams need to ensure that vulnerability management remains top of mind and that they do all they can to make the process as seamless as possible.
Coping with difficulties in remote working
Working remotely is always a challenge in terms of IT support and security. With employees connecting to a company's network using a multitude of methods and devices, cracks can soon appear in a secure facade, giving cybercriminals the opportunity to access valuable company data, disrupt services or hold those services or data to ransom.
Because of the sudden shift to WFH, security professionals have faced two main challenges in the last few months:
Many patching solutions - including Windows Server Update Services (WSUS) and Microsoft System Center Configuration Manager (SCCM) - have limitations when it comes to remote patching, as they need to communicate with an on-premises infrastructure to perform a centralized update. IT teams will need to spend time and resources shaping VPN traffic to enable updates through it. However, even when this is achieved, the VPN bandwidth will be saturated with update traffic, resulting in delay or downtime for employees attempting to continue their work remotely.
Reconfiguring the patching process and forcing each system to obtain updates directly from Windows, for example, can reduce the bandwidth impact on the VPN, but it results in a loss of control and visibility by IT teams over patches in their environment, which could affect network security.
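One way to keep some of that visibility is to have each endpoint report where it gets updates from and when it last patched successfully. The following PowerShell function is an added example, not part of the original article; the function name and the 30-day staleness threshold are assumptions, while the registry values and the Microsoft.Update.AutoUpdate COM object are the standard Windows Update policy settings and agent API.

```powershell
# Added example (not from the article): where does this client get updates, and is it patching?
function Get-UpdateSourceReport {
    [CmdletBinding()]
    param(
        # Assumed threshold: flag clients with no successful install in this many days.
        [int]$StaleAfterDays = 30
    )

    $wuKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'
    # Values are absent when no policy sets them, so a missing key is not an error.
    $wu = Get-ItemProperty -Path $wuKey -ErrorAction SilentlyContinue
    $au = Get-ItemProperty -Path (Join-Path $wuKey 'AU') -ErrorAction SilentlyContinue

    # A client only uses WSUS when UseWUServer is 1 and a server URL is configured.
    $usesWsus = ($au.UseWUServer -eq 1) -and -not [string]::IsNullOrWhiteSpace($wu.WUServer)

    # With this policy set, a WSUS client never falls back to Microsoft's servers,
    # so a remote device that cannot reach WSUS over the VPN receives no patches.
    $blocked = ($wu.DoNotConnectToWindowsUpdateInternetLocations -eq 1)

    # Windows Update Agent COM API: last successful scan and install times (UTC).
    $results     = (New-Object -ComObject Microsoft.Update.AutoUpdate).Results
    $lastSearch  = $results.LastSearchSuccessDate
    $lastInstall = $results.LastInstallationSuccessDate

    # Treat "never installed" the same as "installed too long ago".
    $cutoff = (Get-Date).ToUniversalTime().AddDays(-$StaleAfterDays)
    $stale  = ($lastInstall -isnot [datetime]) -or ($lastInstall -lt $cutoff)

    [pscustomobject]@{
        ComputerName             = $env:COMPUTERNAME
        UpdateSource             = if ($usesWsus) { 'WSUS' } else { 'Direct from Microsoft' }
        WsusServer               = if ($usesWsus) { $wu.WUServer } else { $null }
        InternetLocationsBlocked = $blocked
        LastSearchSuccessUtc     = $lastSearch
        LastInstallSuccessUtc    = $lastInstall
        Stale                    = $stale
    }
}

Get-UpdateSourceReport | Format-List
```

A device that reports `UpdateSource = WSUS`, `InternetLocationsBlocked = True` and `Stale = True` while off the corporate network is the case the paragraphs above describe: it is waiting on an on-premises server it cannot reach.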
Companies that were not prepared or configured for remote working before it was implemented may now face the sudden and extreme change to "bring your own device" (BYOD). Some companies have been adopting BYOD for years, but for those that haven't, the challenges of adopting it overnight can seem unmanageable. These companies are now faced with access to corporate data from countless personal devices beyond their control.
Away from the wider security threats this brings, how can IT and security teams ensure that patches are managed effectively on these devices without the oversight that desktop environments enjoy?
Coping with the present and preparing for future challenges
Fortunately, companies can solve many of the problems encountered with remote patching by implementing hybrid and cloud-based patch management solutions, for example those offered by Lambert Consulting such as Microsoft Intune or Co-Management Intune / SCCM. Hybrid options can ensure that off-network agents can report to their on-premises management console. These agents use secure cloud services to obtain policy updates and return the results, but will get the necessary updates directly from the vendor's download center. Most importantly, this saves valuable VPN bandwidth and ensures consistent reporting for these devices to help IT professionals continue to manage them properly. Vendors are also making remote patching easier by extending licenses to cover BYOD, which will help organizations manage and ensure compliance and security in the short term.
Many companies are focused on keeping their heads above water in today's global climate and therefore cannot afford to overhaul their IT processes at this time. However, in the long run, they should look to add hybrid support and cloud to all of their vendor checklists, from systems management toolsets to troubleshooting tools and security solutions. Those who were unprepared for this transition to remote work will benefit from this forward-looking approach in the future, as there is still uncertainty about when and if companies will return to their traditional ways of working. IT and security teams must therefore ensure that they can support all systems, including those in the corporate network and user environments, and from on-premises data centers to public and private cloud data centers.
Of course, while patching is the foundation of any security strategy, companies should never rely on it alone to protect their networks. In the age of telecommuting, where security threats can come from a multitude of new angles, it has never been more important to take a layered approach to cybersecurity. IT and security teams need to work together to ensure they have a comprehensive set of security initiatives in place in their environment, including: vulnerability management, privileged access management, application whitelisting, regular backups and employee training.
IT and security professionals face a multitude of new challenges as they continue to maintain remote environments and face the uncertainty surrounding what the new world of work can bring. However, they must do everything in their power to ensure that remote remediation processes run smoothly and in a timely manner. In combination with a layered approach to cybersecurity, adopting hybrid and cloud-based patch management systems can mean the difference between winning and losing in these unprecedented times.