Quantcast
Cloud Patch ManagementPatch Management

Top 5 Challenges Of Patching a Mixed OS Environment

By December 4, 2017 No Comments

As you have no doubt experienced, the increase in device operating systems connecting to the company network has resulted in an increase in your attack surface. It wasn’t that long ago that Microsoft Windows was the dominant OS, and their update service, WSUS, handled the majority of patching needs. In recent years Apple OS X and different Linux distros have grown in market share, and today nearly every organization runs a mixed OS environment.

This proliferation of operating systems presents a challenge for IT teams who need to keep track of every system in their infrastructure, the vulnerabilities each system could be exposed to, and the new patches released by OS. As the number of devices and operating systems increases, staying current with patching becomes critical to maintain data security. Patching mixed environments is obviously more difficult and time consuming than patching a network running entirely on Windows. Let’s look at the top challenges to patching mixed environments.

  1. Lack of Time

Time is one of the most valuable resources for IT security teams, and the time it takes to patch manually is a top reason patching is often put off. A recent survey of IT professionals1 found that nearly half admitted that they cannot keep up with patching.

We know Windows based systems can rely on WSUS to manage updates, though the process is error prone and often frustrating. And Mac and Linux systems require time intensive manual patching. This was less of a problem when there were few Mac or Linux systems being used. However, as they have become more prevalent, attacks on non-Windows systems2 have increased.

  1. Patch Testing is Complex

One element of patch management is testing patches before they are fully deployed to ensure they are reliable. Compatibility testing3 of patching is, by its nature, a time-consuming task. With a mixed OS environment, the dependencies IT Managers need to check to ensure a new patch won’t affect other applications becomes more challenging.

  1.  Inability to Report Patch Status

Knowing what patches are outstanding is important for IT teams to prioritize work and gain visibility into their organization’s security. Keeping records of patching is more difficult when users are operating multiple systems. Instead of gathering data through one patch management program, IT Managers need to look at two or more systems and then manually compile a full patch status report.

When new attacks happen, executives want to know in real time if their system is vulnerable. Verifying systems are secure in a mixed OS environment and then providing a report that shows patch status across an entire infrastructure becomes an all hands on deck fire drill that impacts the overall productivity of the IT team.

  1. Difficulty Tracking Inventory

As infrastructures grow, IT teams need to maintain an updated inventory of individual systems and software applications. This is important both to track company resources and to stay on top of security updates. In a mixed OS environment without current inventory visibility, workstations and servers are likely to be running different versions of their operating systems. Some may even run multiple operating systems in virtual environments. Keeping track of these systems, and knowing when new systems are added, is a burdensome task which can quickly get out of control.

  1. Maintaining Compliance

Data security is under increasing scrutiny. The need to be compliant is becoming a requirement of new data security regulations. For example, if your company processes credit card data, you must adhere to PCI requirements which state that critical patches be applied within one month of release.

Regular patching is often included as a compliance requirement, and multiple operating systems make this requirement more difficult to meet. Compliance audits often fail due to lack of patching. In one study, 81% of failed audits4 could have been prevented with patching or a configuration update. It’s crucial that companies with multiple environments invest the resources to stay patched. Compliance is not a one time event, but an ongoing security requirement.

Automated Patching for Mixed-OS Environments

Multi OS environments are a reality, and the inability to patch them in a timely matter is a security risk. When looking for a patch automation solution, focus on those that can patch multiple environments from a single dashboard.

As a cloud based solution, Automox seamlessly handles patching for multiple operating systems as well as third party software regardless of endpoint location. Automox also provides real time visibility of patch status and includes infrastructure patch reporting. To see how simple it is to patch a mixed OS environment, check out our free trial, no credit card required.

1 https://www.tripwire.com/misc/combating-patch-fatigue-register/

2 http://www.zdnet.com/article/mac-users-you-have-to-patch-too/

3 http://searchitoperations.techtarget.com/tip/Server-patch-management-for-multi-OS-data-centers

4 http://www.eweek.com/security/software-patches-could-prevent-most-breaches-study-finds

Holly Hamann

Author Holly Hamann

Holly Hamann serves as Automox's Chief Marketing Officer and is an entrepreneur and start-up veteran. She has helped launch six tech companies in the social media, content, video, and marketing software industries and specializes in SaaS software marketing, content marketing, and influencer marketing. She is an American Marketing Association "Marketer of the Year" recipient and holds a Bachelor's Degree in Mathematics and Computer Science.

More posts by Holly Hamann