workstations and servers. The war of malware is happening on the desktops and it’s one of the single most important areas that need to be addressed as a SMB. The issue quickly becomes one of having the proper resources to manage these workstations and often falls back to a “best effort” on a good day. To properly update applications, patch operating systems and push out new versions of third party software you need a system that’s going to work for you. You need to work smarter, not harder.
Almost everyday we hear of another company being hacked because
they were hit by malware, or exploited due to a vulnerable application. The
majority of the time this happens is due to out of date software, or operating
systems that are being neglected in SMB companies. This is mostly due to the
sheer workload it takes to keep them up to date. Just as we keep hearing of new
companies being compromised, there’s an equal comparison to the vulnerability
alerts that are being notified by software vendors. It seems that every week
Microsoft, Adobe or Java are releasing some type of out-of-band, or critical
security patch that needs to be applied to your workstations/servers before it’s
exploited by an attacker.
The question quickly becomes: “How do you keep up?” For all those server administrators using Microsoft
WSUS to patch your workstations/servers I applauded you, but you’re only
covering half the threats with that mentality. What you need is the ability to
cover third party systems too, like the Java, Adobe, Flash, etc. These are the
one’s getting attacked frequently in the wild, because they deal with browsers
most of the time and are normally the gateway to malware if running an old
version. You need something that’s going to patch both and that’s not something
you’re going to get out of the box with WSUS. Hence the Kace K1000 systems management appliance.
There are many uses for the K1000, but one of the best use cases
of it is to patch all systems by determining what software is running on the
workstation/servers and alerting on which one’s are needed to meet your
security policy or corporate compliance. By understanding what patches need to
be applied to systems will give you a better view into the risk of your
environment and assist with securing holes that might be exploited otherwise.
There are also compliance reports that can be run to help with verifying
systems that require compliance being upheld to a certain standard.
By using the K1000, your administrators will be able to set
patch policy from both an operating system and third party patch point of view.
Once these policies have been created an administrator can quickly push out
patches to secure your environment and be freed to continue working on other
projects. This not only assists with securing your organization, but it frees
up resources.
I’ve personally used Dell
for many security solutions, this being one of them, and they always
continue to impress. One of the best security companies out there in my opinion. Here’s a
link to some other services they perform. I’d seriously consider them for
forensics and incident response too.
No comments:
Post a Comment