Patch management is an area of systems management that involves acquiring, testing, and installing multiple patches (code changes) to an administered computer system. Patch management tasks include: maintaining current knowledge of available patches, deciding what patches are appropriate for particular systems, ensuring that patches are installed properly, testing systems after installation, and documenting all associated procedures, such as specific configurations required.
Using a dedicated solution for Patch Management eases the IT staff’s job and saves time and costs through automation, allowing a centralized management of heterogenous environments.
It is important to realize that just because it is not easily quantified does not mean that the ability to remediate vulnerabilities sooner is not a valid benefit. In reality, it can and does save organizations from successful attacks. The real value in this case is a general level of risk reduction that yields a range of qualitative benefits, such as the reduced likelihood of:
- Loss of data.
- Loss of revenue.
- Loss of credibility with customers and partners.
- Legal action/liability.