Patch Opens New Engagement Opportunities

By Frank Ohlhorst  |  Posted 2008-12-17 Email Print this article Print
 
 
 
 
 
 
 

WEBINAR: On-Demand

The Myths and Truths of Building a World-Class Cyber Defense REGISTER >

Microsoft's emergency patch created to fix a serious security vulnerability in all versions of Internet Explorer, will install automatically. But solution providers can use the patch as an opportunity to fix browsers, tune up systems and install better security protections.

The automated nature of this fix doesn’t means solution providers have to sit on the sidelines. Solution providers should be calling their customers to discuss the severity of the security flaw, discuss remediation options and validate whether or not a PC has been affected. With a security flaw this severe, due diligence is of the utmost importance.

Once a customer understands the severity of the threat, it will be up to the solution provider to offer some advice and take some action. At the very least, automatic updating of the PC should be enabled, so this security patch and others are delivered automatically. Solution providers can use that as a catalyst to sell patch management solutions to their customers. Patch management solutions are available from vendors such as Shavlik, Ecora, Symantec, Numara, GFI and many others. Some solution providers can offer to go one step further and offer managed services to handle patching, removing all worry from the customer.

Initial tests by Channel Insider have shown that Microsoft’s fix to the problem works reasonably well and doesn’t seem to break any other functionality in the browser. Patch management solutions usually validate patches before hand to make sure that a patch doesn’t damage any existing applications, which in this case would offer a welcome increase in comfort.

Another opportunity for solution providers comes in the form of remediation. Being as it is quite difficult to determine if a PC has been compromised by the IE flaw, best practices dictate that a system should be tested for malware and then fixed if infected. Solution providers can use Microsoft’s own Windows Malicious Software Removal Tool as a starting point for system remediation.

Although the Windows Malicious Software Removal Tool is a good starting point, it’s not the end all, be all of remediation. Here, solution providers should turn to advanced products such as those available from AVG, Symantec, McAfee, Trend Micro and others for complete anti-malware products. The real goal here should be to remediate the system and install a complete desktop security suite, which offers secure browsing and anti-phising protection.

Solution providers can go one step further and offer up to their customers a hosted and managed security service, such as what is available from PureWire or Trend Micro. Those solutions incorporate inline scanning, along with anti-malware detection and prevention and can prevent exploits from impacting a customer, regardless of patch status.
 
Solution providers will find some other tips for dealing with the problem quite useful and could lead to some networking integration work. For example, PCs that don’t allow users to have administrative privileges are less likely to be impacted. Here, solution providers can define policies to limit a user’s access on the PC, a good practice to implement regardless of the flaw.

Solution providers will find that the news here isn’t all bad, many of the anti-malware companies have announced that their products have protected users from the IE flaw. Symantec, AVG, and a few others claim that their respective "safe browsing" technologies protect users from harm.

The real lesson here for solution providers is to use this flaw as a method to offer services and enhance current security offerings. At the very least, solution providers should be calling their customers to either let them know not to worry (they are already protected) or to offer help to solve the potential problems caused by IE’s latest flaw and perhaps pitch improved security products and services.

 
 
 
 
Frank Ohlhorst Frank J. Ohlhorst is the Executive Technology Editor for eWeek Channel Insider and brings with him over 20 years of experience in the Information Technology field.He began his career as a network administrator and applications program in the private sector for two years before joining a computer consulting firm as a programmer analyst. In 1988 Frank founded a computer consulting company, which specialized in network design, implementation, and support, along with custom accounting applications developed in a variety of programming languages.In 1991, Frank took a position with the United States Department of Energy as a Network Manager for multiple DOE Area Offices with locations at Brookhaven National Laboratory (BNL), Princeton Plasma Physics Laboratory (PPL), Argonne National Laboratory (ANL), FermiLAB and the Ames Area Office (AMESAO). Frank's duties included managing the site networks, associated staff and the inter-network links between the area offices. He also served at the Computer Security Officer (CSO) for multiple DOE sites. Frank joined CMP Technology's Channel group in 1999 as a Technical Editor assigned to the CRN Test Center, within a year, Frank became the Senior Technical Editor, and was responsible for designing product testing methodologies, assigning product reviews, roundups and bakeoffs to the CRN Test Center staff.In 2003, Frank was named Technology Editor of CRN. In that capacity, he ensured that CRN maintained a clearer focus on technology and increased the integration of the Test Center's review content into both CRN's print and web properties. He also contributed to Netseminar's, hosted sessions at CMP's Xchange Channel trade shows and helped to develop new methods of content delivery, Such as CRN-TV.In September of 2004, Frank became the Director of the CRN Test Center and was charged with increasing the Test Center's contributions to CMP's Channel Web online presence and CMP's latest monthly publication, Digital Connect, a magazine geared towards the home integrator. He also continued to contribute to CMP's Netseminar series, Xchange events, industry conferences and CRN-TV.In January of 2007, CMP Launched CRNtech, a monthly publication focused on technology for the channel, with a mailed audience of 70,000 qualified readers. Frank was instrumental in the development and design of CRNTech and was the editorial director of the publication as well as its primary contributor. He also maintained the edit calendar, and hosted quarterly CRNTech Live events.In June 2007, Frank was named Senior Technology Analyst and became responsible for the technical focus and edit calendars of all the Channel Group's publications, including CRN, CRNTech, and VARBusiness, along with the Channel Group's specialized publications Solutions Inc., Government VAR, TechBuilder and various custom publications. Frank joined Ziff Davis Enterprise in September of 2007 and focuses on creating editorial content geared towards the purveyors of Information Technology products and services. Frank writes comparative reviews, channel analysis pieces and participates in many of Ziff Davis Enterprise's tradeshows and webinars. He has received several awards for his writing and editing, including back to back best review of the year awards, and a president's award for CRN-TV. Frank speaks at many industry conferences, is a contributor to several IT Books, holds several records for online hits and has several industry certifications, including Novell's CNE, Microsoft's MCP.Frank can be reached at frank.ohlhorst@ziffdavisenterprise.com
 
 
 
 
 
























 
 
 
 
 
 

Submit a Comment

Loading Comments...
























 
 
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date