Study: Staying Current on Security Patches Like Drinking from a Firehose

Feel overworked keeping up with security patches? You should, according to an analysis by a managed security services firm.

Activis released its own research finding that an administrator for even a medium-sized company with a nine-server, eight-firewall infrastructure would have had to make 1,315 updates so far this year to stay current with vendor patches. Activis used Microsoft servers along with other vendors' software in its analysis.

The United Kingdom-based subsidiary of a German firm notes that the number translates to five updates per working day, and Activis further estimates that the same administrator would have to manage half a million log file entries per day.

According to Activis, 99 percent of all attacks arise from known vulnerabilities and misconfigurations.

"In an ideal world, we recommend that network managers install every patch," John Cheney, managing director for Activis, said in a statement. "However, with many organizations using hundreds of servers, it is unrealistic to expect them to update every server with every new patch. Nevertheless, this is key to ensuring that public-facing systems such as Internet sites and Web portals, etc. are secure."

For Activis, the numbers serve as a pitch for its security outsourcing services.

For the rest of IT, the numbers provide a validation for frustration.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.


  • Office Mobile Apps To End as Microsoft Highlights New Office App

    Microsoft plans to end support for Windows 10 Mobile applications on Jan. 12, 2021, according to a Friday announcement.

  • Is Microsoft Finally Reinventing Office?

    Microsoft is testing out a new technology called "Fluid Framework." It could mean that Brien's dream of one Office app to rule them all might soon become reality.

  • Azure Active Directory Connect Preview Adds Support for Disconnected AD Forests

    Microsoft on Thursday announced a preview of a new "Cloud Provisioning" feature for the Azure Active Directory Connect service that promises to bring together scattered Active Directory "forests."

  • Microsoft Defender ATP Gets macOS Investigation Support

    The endpoint and detection response (EDR) feature in Microsoft Defender Advanced Threat Protection (ATP) has reached the "general availability" stage for macOS devices.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.