BLOG: Why patching is a bit like decorating

We all know the feeling, that annoying flaking paint work, just one too many scuffs on the wall. We know we need to decorate, but it’s a big job and there are so many other things that you need to do or want to do – let’s put the decorating off until next month, and so it continues.

Patching can often fall into the same trap. Today’s IT teams are time-poor. There are so many priority-one tasks and not all of them can get done, and let’s be honest, patching is a little like decorating; it’s not glamourous and you can always find something more exciting to be doing.

The Peril of Falling Behind With Patching

According to research by Security Boulevard, almost two thirds (60%) of cyber attacks and breaches are as a result of a vulnerability where a preventative patch is already available, it just had not been applied. Put another way, 60% of all breaches are as a result of organisations not being up to date with their patch management.

Today this is even more prevalent. Cyber attacks are getting more sophisticated as seen by the SolarWinds breach late last year. It is not just core operating system vulnerabilities that expose you but every application that sits on your network. Attacks are also getting more prevalent. While we were all busy enabling employees to work from home last year, cyber criminals were hard at work and in March 2020 alone, according to Infosecurity Magazine, there was a 37% uplift in attacks.

Keeping up to date with patching is essential to minimise business risk, as well as ensuring that you are operating in accordance with your vendor support agreements and maintaining regulatory compliance.

How Do You Solve The Patching Challenge?

Keeping up to date with patching can be a challenge. You need to have your team work out of hours, utilising maintenance windows to minimise disruption, you need the right tools to provide you with the visibility of your current state, and you need a meticulous process in place that ensures you are aware of every patch and can prioritise and apply these in a timely manner.

For many years we have been taking this problem away from our clients and providing Patching-as-a-Service. Whereas to you, it is a necessary evil, a burden on your team that is already stretched to the limits. To us, it is what we do. We understand the importance, we have the know-how and we have invested in the tools to make the process easy and effective.

We also allow you to think differently about patching; rather than it being a task, it becomes a service, and as such, can be executed inside a Service Level Agreement. Patching suddenly gets the attention that it needs and the whole process gets the focus, management and rigour that is required to minimise the risk to the business.

Whether you are behind with patching, or just need help in keeping pace, Patching-as-a-Service can offer significant benefits. It takes one of the housekeeping tasks away from your team allowing them to focus on areas where they can add value to the business, it addresses one of the most significant security vulnerabilities in your organisation and it provides you with far greater control and visibility into your patching process.

While I never thought I would describe NAK as decorators, there is a tenuous similarity. There are just some tasks where it is best to get the professionals in. They have the expertise, they have the right tools, and they are likely to do a far better job with far less disruption.

If you would like to discuss your patching challenges and explore how our Patching-as-a-Service can help you, we would be more than happy to talk. Simply contact the team on 0300 456 0471 or email us enquiries@nak.co.uk.