A Practical Methodology for Implementing a Patch management Process

The time between the discovery of an operating system or application vulnerability and the emergence of an exploit is getting shorter, sometimes only a matter of hours. This imposes pressures on IT managers to rapidly patch production systems which directly conflicts with configuration management best practices of quality assurance testing. Many organizations are struggling to keep current with the constant release of new patches and updates. At the same time, they are under pressure to provide near 100% availability of key business systems. IT organizations must develop a process to ensure the availability of resources, install required security patches and not break existing systems in the process. This paper presents one methodology for identifying, evaluating and applying security patches in a real world environment along with descriptions of some useful tools that can be used to automate the process.