News

Study: Staying Current on Security Patches Like Drinking from a Firehose

• By Scott Bekker
• 12/03/2001

Activis released its own research finding that an administrator for even a medium-sized company with a nine-server, eight-firewall infrastructure would have had to make 1,315 updates so far this year to stay current with vendor patches. Activis used Microsoft servers along with other vendors' software in its analysis.

The United Kingdom-based subsidiary of a German firm notes that the number translates to five updates per working day, and Activis further estimates that the same administrator would have to manage half a million log file entries per day.

According to Activis, 99 percent of all attacks arise from known vulnerabilities and misconfigurations.

"In an ideal world, we recommend that network managers install every patch," John Cheney, managing director for Activis, said in a statement. "However, with many organizations using hundreds of servers, it is unrealistic to expect them to update every server with every new patch. Nevertheless, this is key to ensuring that public-facing systems such as Internet sites and Web portals, etc. are secure."

For Activis, the numbers serve as a pitch for its security outsourcing services.

For the rest of IT, the numbers provide a validation for frustration.