Topics:
Microsoft : Security
How Will You Spend Your Patch Tuesday?
The temporary Patch Tuesday armistice is something of a relief for Bob Burritt, IS network and technology manager for Kettering Medical Center Network, a group of 50 health-care facilities in and around Dayton, Ohio. But he's not reserving a tee time just yet. "We always have something else to do so it is not a hole in anyone's workload," he says. At Brown University, it's Paul Asadoorian's job as lead IT security engineer to review the monthly set of patches and make recommendations to the groups in charge of the school's desktops and servers based on the amount of risk each Microsoft vulnerability poses. Managing Patch Tuesday has become just another routine for Asadoorian and the rest of Brown's IT staff. "People always say it's a big day, but it's the normal course of doing business," he says. In fact, the lack of a Patch Tuesday makes Asadoorian more uncomfortable that he would normally be on the second Tuesday of the month. "For me, I think it's pretty scary," he says. "It gives people too much of a sense of security." Asadoorian would actually like to see Microsoft deliver more patches spread throughout the month than wait for one particular day. "You can't lose sight of the fact that attackers don't wait until patches come out to attack your systems," he says. "I would like to see Microsoft release patches out of cycle, so that we don't have to do our own workarounds." So does this Patch-less Tuesday come as a big relief? A surprise? Just another day? Long overdue? "All of the above," says Larry Whiteside, information security officer for Marsh Inc., a provider of risk and insurance services. The lack of a Patch Tuesday disrupts what had become a monthly ritual for Marsh that included time spent analyzing each Patch Tuesday release and scheduling meetings to discuss them. "Every IT person I know of has taken a sigh of relief," he says. "This is more than long over due, but my fear is this: what will happen next month?" Hopefully, it won't mean twice as many patches. Windows has overnight (or over the course of a month) become a much more secure product? More likely, Microsoft recognized that the timing of March's Patch Tuesday couldn't be worse, as companies were until this past weekend more focused on the Daylight Savings Time issue than anything else (even Windows). "To add Black Tuesday to the mix this month with critical vulnerabilities would send people reeling," Whiteside adds. There are probably as many opinions about Patch Tuesday as there are people charged with securing their company's IT systems. We'd like to hear yours. Let us know how you'll be spending tomorrow's Patch-less Tuesday. « Mobile Web Use Higher In The U.S. Than Europe | Main | Join Us In Second Life Tuesday For A South By Southwest Kaffeeklatsch » |
| Sign Up Now For InformationWeek News Alerts |
This is a public forum. United Business Media and its affiliates are not responsible for and do not control what is posted herein. United Business Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.
Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of United Business Media LLC and may be edited and republished in print or electronic format as outlined in United Business Media's Terms of Service.
Important Note: This comment area is NOT intended for commercial messages or solicitations of business.
