Patch Management Patch Management Best Practices


1 Patch Management
Patch Management Best Practices
Steve Thamasett, CISSP, MCSE, NSA IAM
November 7, 2003

2 Agenda
- Current Patch Management Situation
  - State of connected devices / users
  - Spread rate for Code Red
- Business Drivers and Challenges
  - Lost revenue due to downtime
- The INS Solution
  - Process based Patch Management Service Features & Benefits
  - Phase by phase descriptions
- Case Study

3 Current Situation
Industry
- 14B devices on the Internet by 2010 (1)
- 35M remote users by 2005 (2)
- 65% increase in Web sites (3)
Security
- 90% detected security breaches (4)
- 85% detected computer viruses (4)
- 95% of all breaches avoidable with an alternative configuration (5)
Sources:
(1) Forrester Research
(2) Information Week, 26 November 2001
(3) Netcraft summary
(4) Computer Security Institute (CSI) Computer Crime and Security Survey 2002
(5) CERT, 2002

4 Code Red Virus Infection
July 19, :00 – 159 hosts infected

5 Code Red Virus Infection
12 hours later – 4,920 hosts infected

6 Code Red Virus Infection
12 hours later (24 total) – 341,015 hosts infected
JANUARY SQL SLAMMER WORM: same spread in TEN MINUTES

7 Business Drivers
- New vulnerabilities released daily
- Widespread publicity leads to releases of exploits
- Vendors must provide quick turnaround on patches

8 Business Challenges
- Internet facing systems typically patched first
- Two fundamental past assumptions:
  - The threat of attack from insiders is less likely and more tolerable than the threat of attack from outsiders.
  - A high degree of technical skill is required to successfully exploit vulnerabilities, making the probability of attack unlikely.
- Threat profile and potential risks have increased
  - Viruses can now be delivered through common entry points, automatically executed, and then search for exploitable vulnerabilities on other platforms.

9 Our Business-Centric Approach
- Patch Management is a Process, not a Tool
- Links Business Imperatives to Network Solutions
- Quantify value of new initiatives
- Optimize existing infrastructure
- Identify best-of-breed solutions
- Employ proven best practices and methodologies
- Collaborative infrastructure and culture to multiply consultant value
- Knowledge transfer for sustainable results
- Formal quality program from initiation to close-out

10 The INS Solution
Patch Management Service
- Facilitate and establish a patch management process
- Plan and design a comprehensive patch management process
- Assist in the implementation of the process

11 Patch Management - Features
Network Device and Host Inventory
- Determines your organization’s network and host inventory.
- A clear understanding of the devices and hosts within the organization’s infrastructure must be defined and inventoried.

12 Patch Management - Features
Network Device and Host Assessment
- Maps your IT infrastructure to the patch management process.
- Suggested patch management solutions based upon findings

13 Patch Management - Features
Patch Monitoring and Discovery
- Builds the procedures for monitoring patches as they are released.
- Includes monitoring of all appropriate security intelligence sources required to identify any exposures or vulnerabilities that may impact the organization.

14 Patch Management - Features
Patch Evaluation
- Investigate, evaluate and test patches in accordance with business objectives, security and IT operational goals.
- Generation of a formal plan and documentation to govern the testing based on the type of system and vulnerability

15 Patch Management - Features
Patch Implementation
- Develop tools and templates to integrate with your change management policy.
- Develop the standard Security Advisory template
- Develop the procedures for the patch to go from testing, to implementation, including updating standard builds as needed.

16 Patch Management - Features
Patch Maintenance
- Develop tracking and reporting mechanisms
- Develop security awareness processes

17 Patch Management – INS Expertise
- Strength of Security, Operating Systems, and Network and Systems Management consulting expertise
- Successful track record
- INS has the expertise and business-focused methodology to identify and quantify operational risk, engineer the right management and delivery process, and align quantifiable results to our customers’ business goals

18 Patch Management - Benefits
- Proactively identify and remediate IT security vulnerabilities
- Focuses IT and security on the right set of problems to address
- Improved service performance and availability by optimizing business and systems processes
- Adds value to ongoing business initiatives, business continuity, reducing operating costs, and security mandates

19 Patch Management - Deliverables
- Executive summary report
- A patch management process
- Recommendations and a plan for implementing a patch management process
- Plan for maintaining the patch management process lifecycle
- Client Engagement Book
- Knowledge transfer

20 CS: Patch Management
- Government contractor in healthcare space
  - DITSCAP and HIPAA concerns
- Server / Workstation profile
  - One primary datacenter (~50 Wintel servers)
  - 25-30 remote locations (1-3 Wintel servers each)
  - ~1000 seats total (Wintel platform)
- Requirements
  - Server / workstation hardening
  - Process for maintaining secure environment
  - DoD oversight for security
  - Periodic network and system scans
  - Review of process and procedures

21 CS: Patch Management
- Discovery Phase
  - Network scans using ISS
  - System scans with HFNetChk / MBSA
- Assessment Phase
  - System scans with SRR scanner
  - Issues with “vendor provided” systems
- Patch Monitoring / Evaluation Phase
  - Development of regular list monitoring
  - Developed lab for testing
- Patch Implementation Phase
  - Change management process
  - Patch evaluation and deployment process

22 The INS Advantage
Customer-centric, business-driven approach
- Our primary approach is to relate technology strategies to business objectives
- We employ our highly documented Business Value Justification (BVJ) methodology throughout each engagement to ensure that measurable business value is delivered in terms of increased productivity, cost avoidance, asset protection, and business enablement.
- Our team works side-by-side with our customer’s team to develop tailored solutions that meet their objectives
- We focus on knowledge transfer to ensure that your staff becomes self-sufficient quickly

23 The INS Difference
- Vendor independence
  - Optimal solutions to build, manage, and secure your network
- Business-centric focus
  - Link business imperatives to network solutions
- Experience
  - 15,000+ engagements
- Expertise
  - 1,200 certifications in 96 categories
- Mature support systems
  - KnowledgeNet
  - Quality assurance program
- Collaborative culture
  - Engage one, get the “team”

24 Thank you
Steve Thamasett, CISSP, MCSE, NSA IAM
Web:

