|
Improving data security throughout the enterprise remains a top business priority. Organizations of all sizes continue to experience the ebb and flow of computer server and system attacks by viruses, worms, malware/spyware threats and mis-configuration vulnerabilities. As impact on the bottom lines of these organizations increases, security management’s use of a formal patch management program has become the norm for many IT personnel worldwide. PatchLink Corporation continues to maintain its role as one of the leading providers of automated, security patch management across all leading operating system platforms and mainstream applications.
Sean Moshir, the founder and current chairman of PatchLink, has focused on security management software and utilities for enterprise administration since 1991, with the current mission of expanding his security technology expertise into the consumer mobile device market to achieve new personal mobile productivity standards. Moshir is also currently CEO of Mobile Information Management (MIM) software and services company CellTrust (www.celltrust.com).
Moshir has led several industry changing technology initiatives during his career. In 1993, he created the world’s first network management language and later sold trade name and technology rights to IBM and Novell, respectively. Then in 1994, Moshir went on to co-develop one of the very first network anti-virus VAPs for Central Point Software, which was eventually acquired by Symantec. He also created the NetBasic compiler in 1995, as well as scripting component tools for Internet communication. This application gained so much momentum among Novell users that Novell licensed the technology into its NetWare operating system and eventually acquired the entire NetBasic product. In 2001, Moshir sold IT management provider Altiris a system management software program designed for UNIX/Linux operating systems. A few years later in 2004, he was instrumental in completing the PatchLink Update licensing agreement with Novell, which immediately allowed the open source network management leader to extend its ZENworks Suite offering to partners and
customers worldwide.
As the founder of the “patch management” category of software and recipient of today’s only patch management patent, Moshir continues to dedicate his work toward furthering consumer and business security and productivity technologies. As such, he actively participates in global forums, participates on industry trade panels at shows including COMNET, RSA, TechEd, CSI, Gartner Sector5, and BrainShare, and works with various industry associations and analysts to educate today’s market on the next generation mobile device technologies projected to make headline news over the next five to 10 years.
In an interview with IT Defense, Moshir shares his views on the state of the patch management software category and his security visions for the future.
ITD: How has the patch management category evolved over the last five years?
Moshir: Patch management in its nascent form was rather primitive in nature. Many defined it as a formal and oftentimes manual patching regimen. Today, patch management has taken on greater significance in its ability to easily integrate with and support other automated vulnerability management activities such as end-point security, making it a critical component of any organization’s layered network security program. As such, PatchLink’s value proposition is to provide best-of-class patch and security management offerings together with professional services, to mitigate and dramatically reduce network security risks.
ITD: How do current patch management offerings counter the current volatile climate experienced by business today?
Moshir: Any system platform or application software that remains unpatched presents a high-level risk and point-of-data exposure for a multitude of network-based attacks. Although industry criticism often falls upon the vendors’ shoulders to create more secure software, for most this is an unrealistic goal and still a controversial demand even with Microsoft doing its best to secure its latest Windows offerings. In just four short years, patch management has truly become an integral component of today’s security network best practices. With this said, PatchLink’s automated patch management software and subscription offering — PatchLink UpdateÔ — continues to provide efficient and flexible detection, remediation, auditing, and reporting according to company policies and baselines across all enterprise platforms and boundaries.
ITD: What are you finding to be the most important factors for IT decision makers in terms of patch management implementations?
Moshir: It is still my understanding as it always has been that enterprise-level deployments of patch management software regardless of size require: an ability to operate within an existing WAN infrastructure; multi-platform support; reliable, real-time reporting; role-based administration; support for centralized management with distributed deployments; and contextual customization.
ITD: How are patch management vendors such as PatchLink and others tackling these requirements?
Moshir: First it’s important to understand that the market continues to address patch management from several directions. For example, vendors from varying solution categories such as configuration management, system management, intrusion detection, and vulnerability scanning are quickly jumping into this space through mergers or acquiring technology. While representing significant advances in regards to offering patch and vulnerability management, enterprise organizations are still finding that bundled toolsets have limited functionality. Moreover, the agent-based verses agent-less technology debate has for the most part aligned itself with the pro-agent camp as the preferred and more secure distribution methodology for assessing and deploying patches and updates to a distributed enterprise. It’s still apparent that pure-play patch management vendors such as PatchLink, BigFix and Shavlik continue to better meet the scope of requirements desired by IT security professionals in global private and public sector environments.
ITD: Please comment on some misperceptions pertaining to patch management obstacles currently held by IT security professionals.
Moshir: Although patch management continues to receive attention and is an important part of any company’s security strategy, it’s not the only answer. As I have mentioned in the past, a security strategy that doesn’t take into consideration the balance of security vulnerabilities such as those underscored by SANS (sans.org) and other organizations is fundamentally flawed.
Whereas only a few years ago, the most significant hurdle to overcome was manual versus automatic patching, today’s overriding issue resides in the assurance that the application vendor’s patch won’t break the system upon deployment and that it is accurately distributed and auditable. We typically find systems administrators who want nothing more than to be assured that the patches they role out are going to make them heroes not villains. This is possibly the greatest role a patch management vendor can provide to its customer base. That is why for years PatchLink has provided intensive patch testing to provide this level of assurance and guarantee to its customers.
ITD: What do you like most about the industry and category?
Moshir: Patch management continues to address so many critical security issues that it is hard not to get excited about the category’s positive impact nationally and globally. It seems like only yesterday we were manually patching. Now, it appears as I predicted a few years back that automated patch management has become equally as popular as anti-virus software among IT security professionals.
ITD: What’s the future of patch management?
Moshir: There still appears to be some momentum and market share left for the taking in regards to patch management systems. I predict that over the next year to 18 months, there will be continued convergence in the category and with other security solution vendors. I believe that patch management will continue to grow beyond the operating system to protect all types of applications and subsequently achieve increased recognition from IT teams who require security management products that are not only easy to use but transparent in nature.
Go Back
|
