Centralized Patch Management - Proven Security Approach for Ransomware Protection
Download as PPTX, PDF0 likes748 views
The document discusses Seqrite's centralized patch management solution for Microsoft applications, emphasizing its importance in maintaining organizational security and preventing vulnerabilities. It outlines the patch management process, the significance of timely updates, and the benefits such as enhancing security, productivity, and compliance. Additionally, it describes how Seqrite's endpoint security aids in managing patches automatically to protect against malware and other threats.
Centralized Patch Management - Proven Security Approach for Ransomware Protection
- 1. www.Seqrite.com Centralized patch management solution for all Microsoft application vulnerability patching needs. Seqrite Endpoint Security. Patch Management : Overview Technical Training Department Quick Heal Technologies Ltd. 1
- 2. www.Seqrite.com Contents • What is Patch Management • Why patching plays an important role in every organization’s security? • Examples of incidents in which software vulnerabilities have been an enabler of security breaches • How does Seqrite help? • What can you do with SEPS Patch Management? • Patch Management Reports • Key Benefits of Patch Management 2
- 3. www.Seqrite.com What is Patch Management 3 Patch Patch Management A Patch is piece of software designed to update computer applications, programs to fix security vulnerabilities and other bugs in order to improve the usability or performance. Patch management is the process of using a strategy and plan of what patches should be applied to which systems at a specified time.
- 4. www.Seqrite.com Why Patching Plays a Crucial Role in Every Organization’s Security? 4
- 5. www.Seqrite.com 5 “Enterprises that implement a vulnerability management process will experience 90% fewer successful attacks...” Gartner, Predictions for IT Security Directors in 2007
- 6. www.Seqrite.com 6 As per data published by CVE Details, in 2016 the most vulnerable Windows applications were Adobe Flash Player, Adobe Reader, Adobe Acrobat, VLC media player, Oracle JRE(Java) and web browsers such as Firefox, IE etc. Important Stats
- 8. www.Seqrite.com MYTH REALITY We’re protected since we already have a firewall and an Intrusion Detection System. Despite all the attention that firewalls, anti-virus applications and Intrusion Detection System (IDS) receive, security vulnerabilities still plague organizations. Why patching plays an important role in every organization’s security? Our Company isn’t a target for attacks • If you look at recent events you will see, Ransomware like WannaCry and Troldesh attacked enterprises and systems at random, based on specific vulnerabilities. • On the other hand, it is not just large enterprises that need to be concerned about targeted attacks. • Any organization can become the target of a disgruntled employee, customer or contractor. So, it is important to move beyond the “it can’t happen to me” feeling of security.
- 9. www.Seqrite.com 9 • Here they release software/ Operating System attackers & hackers out there looking for loopholes and vulnerabilities that will let them in. • The fact is no software or Operating system is bullet proof. • Managing and updating software updates is a daunting challenge for enterprises. Why patching plays an important role in every organization’s security?
- 10. www.Seqrite.com Examples of incidents in which software vulnerabilities have been an enabler of security breaches In 2016, there were 702 million attempts to launch an exploit – malware that uses bugs in software to infect devices with additional malicious code like banking Trojans or ransomware. This is 24.54% more than in 2015. The number of corporate users attacked by exploits increased 28.35% to reach more than 690,000, or 15.76 % of all users attacked with exploits. India ranks 10th in the list of Global Web Application Attack Source Countries while it is fourth on the list of top target countries for web-application attacks, according to a new report by Akamai Technologies Inc., a global player in content delivery network.
- 11. www.Seqrite.com Recent Security Breach due to Windows Vulnerability Patch, patch and patch ! This has been the go-to mantra of security professionals and the recent WannaCry ransomware attack has highlighted its importance once again. A large number of PCs worldwide were not patched with the latest update from Microsoft windows which led to the recent WannaCry ransomware havoc worldwide. What was the scenario? • On Friday, 12 May 2017, over 200,000 computers across 150 countries including India were infected by the WannaCry ransomware attack. • WannaCry is a ransomware that encrypts all the data files on the infected computers and asks users to pay 300 USD to restore the files. If the ransom is not paid in three days it threatens to double the ransom amount. • Solution offered by Microsoft: Update your OS else apply MS17-010 patch on computers. Why did it happen? Microsoft had released patch for the same in March, 2017. However, systems that did not apply this patch were affected by the WannaCry ransomware Conclusion: Only those windows systems were affected by this Ransomware which were not patched by MS17-010 released by MS in Mar-17.This scenario could have been avoided if Patch Management was placed in networks to patch-up the systems on a single click.
- 13. www.Seqrite.com Seqrite EPS Patch Management 13 • Patch Management enables the centralized management for checking and installing the missing patches for the applications installed in your network. • Allows Administrator to download and apply only require patches on EPS Clients. • Not mandatory to have WSUS configured in your organizational network , allows to download updates directly from Microsoft Server. • Can be deployed on same EPS Console System or on a separate system also. • Not mandatory to have Network OS(Win Server OS) to deploy EPS PM Server, can be installed easily on either on Network OS or on client OS also. • Systematic reports availability on EPS Console Server about installed patched on endpoints. • Can be configured and applied to groups and policies separately as per organizations requirement.
- 14. www.Seqrite.com Patch Management: Overview 14 Patch Categorizations Missing Patches Automatic Installation Critical Important Moderate Low Unspecified Managing the Patch Frequency Exception Helps to detect and install missing patches for Microsoft & Non –Microsoft Applications and Windows OS Patches are categorized as per severity level, thus allowing to prioritize the patch install process Vulnerability may allow code execution without user interaction. Vulnerability may result in compromise of the confidentiality, integrity or availability of user data. Impact of vulnerability is mitigated to a significant degree by factors such as authentication requirement or applicability only to non-default configurations. Impact of vulnerability is comprehensively mitigated by the characteristics of the affected component. Vulnerability may result in random malfunctions. Scheduling the frequency of patch scanning is possible. If any client is offline during the scheduled time a notification is sent. Scheduling the system to automatically install missing patches is also possible. In production or testing environment, there may be a requirement where operating system or applications are required in the unpatched form. To facilitate this, patch install exclusion is provided where the admin can exclude endpoints from patch installation.
- 16. www.Seqrite.com Patch Management- Key Benefits 16 Security: Patch Management helps to keep your network secure from malware attacker who targets software and OS vulnerabilities, by Auto download of patches based on the severity. Improves Productivity: Many times vendor bugs or unexpected crash of applications results into unwanted network downtime, Patch Management helps to keep all these things at bay by downloading such fixes in the form of patches. Compliance: Organizations need to be secure enough to be able to protect employee data, customer data etc. Unpatched applications are vulnerable to attack, which may further result in business loss, penalties and fines. Patch Management enables the organization to meet the compliance criteria. Better utilization of IT Department: Manual process of Patching systems and applications takes too much and efforts of IT team, Patch Management is an Automated Patching Tool which downloads and installs patches from centralized location. This helps to reduce the burden of IT staff. Endpoints are safeguarded against web based threats, these are threats which targets users while they are browsing the internet. Most of these programs target operating systems and programs such as: • Java • Adobe Reader • Windows OS and Internet Explorer