No doubt you’ve heard it said that you either do something right or do it fast. Too often, the implication is negative: By increasing speed, you lose accuracy. But in the world of IT, this tradeoff is unacceptable. IT teams need to be fast and precise without affecting the user experience.
Let’s look at patching. By patching vulnerabilities fast, you increase security but are at the risk of impacting the business if things don’t go according to plan. Finding the perfect balance between speed, accuracy, and impact is challenging – but not impossible.
In this blog, we’ll explore why some companies struggle to find the right balance. We’ll also cover a few best practices.
More coverage doesn’t translate to quicker remediation
The news about major vulnerabilities is mainstream. However, the most recent media coverage of Log4j proves that it’s not just IT professionals who depend on security news. With companies’ boards becoming more tech-savvy, users more demanding, and the cost of a breach more expensive, the attention on fixing vulnerabilities fast is ever-increasing.
To further highlight the problem, a study from the Ponemon Institute and IBM found that it takes 58 days longer to identify and contain a breach for organizations with more than half of their workforce remote. So clearly, the pressure’s on.
Everyone knows speed is essential. But even with this increased pressure, IT teams have a hard time shortening their mean time to remediate (MTTR). Commonly cited reasons for not finding the right balance are time constraints, disjointed workflows, and lack of visibility.
Time constraints are a big reason why vulnerabilities don’t get addressed right away. A workday only has a finite number of hours, and the constant influx of tickets and alerts distracts teams from the overarching goals of their department. New tools are helpful, of course, but it’s vital to focus on more than just technology. Improving processes and refining time management skills can often be impactful.
For example, read how our ITOps experts Dean Goss and Ben Rillie take their time back through gamification and, as a result, get more done.
Another reason for not finding the right balance is cumbersome processes and workflows. For example, IT managers often cite that the process for detecting and remediating vulnerabilities is disjointed and slow.
Incredibly, 44% of cyber and IT professionals say the relationship between IT and security doesn't work well at times. For example, detection solutions can identify and report vulnerabilities, but the ability to act on such information requires analysis, prioritization, and the manual creation of remediation steps.
Lastly, there’s the problem of visibility. Routine management gets clunky when one tool manages only a subset of the devices while another performs similar actions on other devices. This is especially evident within environments that use multiple tools for individual operating systems.
Streamlining: Easier said than done
At Automox, we recommend that all critical and publicly disclosed vulnerabilities are remediated within 72 hours (preferably even quicker). Many organizations struggle with this, but we also see plenty who have found the perfect balance.
Let's take a look at what the following companies have in common.
Koch Industries reduces its footprint
The only way for Koch Industries to move into the future and keep up with rapid growth was to decentralize its network. However, they were struggling with visibility amidst an actively growing corporate footprint and needed a way to take back control. By switching over to cloud-native solutions, they could focus their attention on the endpoint. As a result, they can now quickly act on every endpoint when necessary.
This makes sense. Focusing on security threats gets easier when you don’t have to worry about the vast infrastructure that supports your business. Cloud-native solutions that directly communicate with every endpoint – no matter the location and without additional infrastructure – reduce friction and can be managed more efficiently.
Inbox Marketing decides to automate, automate, automate
Faced with unreliable tools, Inbox Marketing knew they had to do something. But unfortunately, they relied on manual processes and, because of that, only pushed out updates on a weekly or quarterly basis.
However, once they were able to automate their process, they could:
Instantly see patches
Review pending patches
Consider error logs
Track the vulnerability status of every endpoint
The task is pretty straightforward: Stop doing manual work. Of course, this is a logical step but a hard one to implement.
To successfully automate routine tasks, IT teams must trust the provided endpoint data. Without up-to-date data, the risk of impacting productivity and user satisfaction is considered too high. Manual tasks can only be automated when up-to-date data becomes reliably available for each endpoint.
University of Colorado Law School consolidates its workflows
The University of Colorado Law School has successfully consolidated workflows to speed up their processes. By bringing all their Windows and Mac endpoints into a single tool, they stopped stressing about vulnerable devices and fixed vulnerabilities quickly without disrupting productivity.
Reducing the number of tools is critical for speed. However, relying on a single solution for all endpoints is just the start. The security and ITOps teams need to synchronize workflow so vulnerability data can quickly be remediated without cumbersome processes. Only by making collaboration frictionless can workflows be executed reliably and frequently.
Start somewhere – and start now
There is no magic bullet to solve the difficulty of balancing speed, accuracy, and impact, but there are some meaningful steps you can take towards that goal.
Step 1 | Establish a baseline for MTTR
The goal can be a north star throughout this process. Be ambitious and create milestones along the way so you're not demoralized throughout the process.
Step 2 | Identify top bottlenecks and causes of delays
Get together and ask your team why the goal is not met. Enumerate the top reasons and find patterns whenever possible.
Step 3 | Research strategies and solutions to alleviate hurdles
Start highlighting solutions that will get you closer to your MTTR goal. Think about technology when looking at the availability of accurate endpoint data or the impact of your back-end infrastructure. But don’t overlook people and processes when looking at workflows and automation.
Mirroring what successful organizations have done can be a good starting point. Don’t be intimidated by the difficulty of achieving your ambitious goal. Although initiating the project can be the hardest step, subsequent actions will follow quickly.
Automox for Easy IT Operations
Automox is the cloud-native IT operations platform for modern organizations. It makes it easy to keep every endpoint automatically configured, patched, and secured – anywhere in the world. With the push of a button, IT admins can fix critical vulnerabilities faster, slash cost and complexity, and win back hours in their day.
Demo Automox and join thousands of companies transforming IT operations into a strategic business driver.