While the world used to be virtually all Microsoft Windows a decade and half ago, that isn’t the case today. In fact, only one in five devices is Windows. That means that your Linux server, Mac laptops, and smartphones / tablets have overtaken all of your Windows devices. That’s a stunning reversal when 9 out of 10 devices were Windows only fifteen years ago. The impact of that change is being felt across all of IT. Processes need to be changed. Tools need to be replaced and/or upgraded, and personnel need to learn how to manage new platforms. Like many other areas where centralization of management is critical, you will discover why you need one unified patching solution for all of your OS’s.
When an IT infrastructure was virtually all Windows, it made a lot of sense to leverage Microsoft’s WSUS platform to help patch your servers, desktops, and laptops. WSUS became a standard utility for all organizations in the 2000s. Microsoft was much more focused on introducing patches on a regular basis and getting those critical updates to every machine was an important task for IT. WSUS helped make that happen. Even with Microsoft’s utility it was painful for IT to ensure that all of their Windows systems were updated and behaving properly.
If an organization had a few Linux and Mac devices, those would just be patched ad hoc. Because there were so few of these endpoints, and there was less perceived security risk to those platforms, it wasn’t a core part of IT’s world to ensure that production Linux systems were updated and that Mac laptops were on the latest OS. IT largely left these tasks to the individual owners of these machines. Mac was viewed as being the most secure operating system so whether a user updated it or not regularly, was believed to be low risk. Linux systems could be scripted and controlled remotely a great deal easier so updates could be built in to run regularly. Unfortunately, that didn’t always happen and machines would be left unpatched and vulnerable to known threats.
As the IT landscape shifted to be more heterogeneous with Macs and Linux machines dramatically increasing in volume, the existing patching approach didn’t work. WSUS doesn’t support Mac and Linux devices. MacOS updates don’t help you with Windows, and your scripts to update your Linux systems aren’t helping you with your Windows and Mac systems. Quickly your patching process for a mixed platform environment becomes exponentially more difficult to manage and the result is that it just doesn’t happen. And with each passing update that isn’t implemented your systems become more vulnerable. With more exploits available than ever and more malicious people trying to hack your devices, your risk of a material breach increases.
The path forward here is to implement a patching process and system across all of your devices. It shouldn’t matter how many Windows, Mac, or Linux systems you have and how many you add, there should be a systematic approach in place that ensures all of your devices are up-to-date on a regular schedule. You’ll want to ensure that your network is visible in a single dashboard so you can monitor new and existing updates. Then you execute a process to deploy them across all of your machines regardless of platform and their availability (i.e. are they gone overnight or periodically turned off). You may even want a process to ensure that you have tested the patches on a group of machines before rolling them out to your broader devices. Of course, each platform will have its own policies for deployment and your patching platform of choice should take care of that for you.
The benefits of having one patching solution for all of your OSs is significant. You’ll ensure that you increase the security of your organization, your users will have the latest functionality and security, and you’ll save time with one tool to handle all of your patching needs. This approach to patching is exactly how Automox works. Automox is the first SaaS-based cross platform patching solution that will automate the process across your entire infrastructure.
About Automox
Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.
Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.
Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.
