Patch Management Grows UpBy Karen Schwartz | Posted 2004-06-03 Email Print
Patch management software has gotten better, but businesses find that they still need resellers and integrators to keep their systems up to date.
For the vast majority of North American businesses, security of critical IT systems, while vitally important to survival and profitability, has become too arduous a task to manage without help. And that's where resellers and integrators come in.
For many businesses, the solution has been an attempt to patch security vulnerabilities in operating systems, applications and network devices as they occur using manual patching techniques. But as reported vulnerabilities in these critical systems grow at as much as 100 percent annually, even manual patching has become unwieldy, expensive and generally overwhelming.
Hit especially hard are small and medium-sized businesses, which don't have the time, expertise or IT staff to understand and deploy appropriate patches. That's especially critical for this sector of the market, which has reduced IT staff in response to market conditions.
And the expense can be staggering. According to Aberdeen Group, a Boston-based market research firm, patch management for operating systems alone cost enterprises more than $2 billion in 2002, mostly in the form of staff time. And Aberdeen Group expects these costs to increase through the end of this year, with no letup in sight.
To address these issues, more companies are now turning to automated patch managementsolutions that allow organizations to control, prioritize and deploy patches to address specifically targeted vulnerabilities before they cause harm.
Although there are many such solutions on the market, company executives increasingly are turning to solution providers, including resellers and systems integrators, to manage and deploy these solutions.
"We can tell them, across their entire organization, the discrepancy in their current patch level versus what's available with the tool," explains Darrin Lipscomb, president of Avrio Group Inc., a Salisbury, Md., IT solution provider and reseller of a patch management solution from Kaseya Inc. of Milpitas, Calif. "That's hard to do without something that's surveying your desktops and servers, and without specialized knowledge or expertise."
The lack of knowledge about patch management can be a great motivator for turning to a solution provider, agrees Dominick Genzano, senior partner at New York-based Secure Technology Integration Group Ltd., which resells PatchLink from PatchLink Corp. of Scottsdale, Ariz.
"This is a new process for them. They could install a [patch management] server and get the software up and running, but they wouldn't understand how to prioritize patches, set up a pilot, how to get the best value out of the reporting, how often these things need to be done, or how to do things like employing patch management across low-bandwidth links," he explains.
Customization is another reason to turn to a solution provider. Microsoft Office patches, for example, require some customization to run properlysomething an IT manager in a small company may not be able to do.
By turning to a solution provider for patch management, organizations also gain other benefits. "Patch management is usually part of a full information security program for their business, which also includes firewalls, intrusion detection, content management and anti-virus. We can show them where patch management fits in to give them a full solution," Genzano explains.
Cost and time savings for organizations employing patch management also are significant. According to Aberdeen Group, automated patch management results in significant time savings, translating into real dollar savings for organizations that currently use manual approaches to patch deployment.
But the benefits for resellers can be just as significant.
It's a great springboard for introduction to other services, Lipscomb says. "We have tremendous upsell and cross-sell capabilities when we have the information we can get from a patch management installation," he says.
And it works both ways, he says. "We often don't come in offering patch management, but things build on each other. When we install a new network, we usually follow it up with a managed service offering that would include patch management," he notes.
Because of the technology's clear benefits, Aberdeen believes more solutions will become available during the next six months and beyond, offering customers and resellers even more choice.
Popular Automated Patch Management Vendors