ENTERPRISE DESKTOP TIPS: SHOULD YOU USE 3rd-PARTY PATCHING TOOLS TO KEEP WINDOWS 7 SECURE?
INTERNET, FEBRUARY 2, 2011 (COMPUTERWORLD) PART 1 OF 2, By Kevin Beaver, Contributor - Patching may be a mundane task, but the reality is we've yet to master it. Although we're in an era of automatic software updates, you still need centralized visibility and control to keep everything in check.
In any network security assessment I do, I inevitably come across workstations running Windows Server Update Services and Windows Update that aren't properly patched. Whether this is a Microsoft flaw or an internal misstep is unclear, but it's a dilemma across every industry. A big part of the problem is that organizations rely on Microsoft to do all the work. After all, the flaws are in Microsoft's software, so subsequent patches are its responsibility, right?
Not so.
As with anti-malware, logging and monitoring, and network intrusion prevention systems (IPS), just because Microsoft offers a patching option doesn't mean it's a good fit for your business.
There are many third-party alternatives for keeping Windows 7-based systems up to snuff, including:
•BigFix Patch Management
•GFI LANguard
•Lumension Endpoint Management and Security Suite
•Shavlik
These vendors have lots of bells and whistles for enterprise patching, like patching third-party software, that Microsoft doesn't. Based on new research on patching offline/dormant virtual machines, we can expect even more advances in desktop patching, especially from third-party vendors.
Another mistake that enterprises make is they assume that Microsoft's commitment to releasing security updates and the enhanced security features in Windows 7 will keep them safe. This isn't necessarily the case.
Windows endpoints often serve as the path of least resistance in the enterprise. Although I've found Windows 7 to be secure, that goes for that operating system as well. You have to keep Windows 7 and any running third-party software well patched. This is especially important because tools such as Rapid7's Metasploit and its easier-to-use commercial counterpart Metasploit Express can be used maliciously. They both serve a legitimate purpose, but they can easily be used against enterprises. One rogue user or piece of malware combined with a single unpatched Windows 7 system is all it takes to harm the enterprise network.
It's important to take a close look at Microsoft's products and see how they're working. Maybe they are, maybe they aren't. Your internal security assessments and audits should paint the most accurate picture. Odds are there are some weaknesses. It's up to you to make some changes to get this beast under control once and for all.
ABOUT THE AUTHOR Kevin Beaver is an
information security consultant, expert
witness, and professional speaker at
Atlanta-based Principle Logic LLC.
He can be reached at www.principlelogic.com,
and you can follow him on Twitter at @kevinbeaver.
26 Jan 2011
[THIS ARTICLE IS CULLED BY PHNO IN REPLY TO READER'S INFO REQUEST ON BUSINESS AND HOME DESKTOP SECURITY TIPS]
----------------------------------------------------------
Chief News Editor: Sol Jose Vanzi
© Copyright, 2011 by PHILIPPINE HEADLINE NEWS ONLINE
All rights reserved
----------------------------------------------------------
PHILIPPINE HEADLINE NEWS ONLINE [PHNO] WEBSITE
[Non-text portions of this message have been removed]
Follow us on Twitter: http://twitter.com/phnotweet
This is the PHILIPPINE HEADLINE NEWS ONLINE (PHNO) Mailing List.
To stop receiving our news items, please send a blank e-mail addressed to: phno-unsubscribe@yahoogroups.com
Please visit our homepage at: http://www.newsflash.org/
(c) Copyright 2009. All rights reserved.
-------------------------------------------------------------
