Insights: Article

To Patch or Not to Patch? Here’s How to Be Smart About it

By Karen Andersen

September 07, 2017

The topic of patching seems fairly straight forward. If a patch comes out, should you apply it? In almost every instance, the answer is yes!

The main purposes of patching include:

  • Addressing security flaws and known vulnerabilities.
  • Providing enhanced functionality.
  • Ensuring that your software and systems are up to date. 

Each organization should have a policy that addresses patching. As part of the policy, document any exceptions. It is possible that a server, application, or asset may not be able to be patched, and it's important to document why. Consider the options, and document the analysis and decision. Part of the analysis should include:

  • Assessing the risks to not apply a patch and the cost of correcting the issue.  For example, if you have a server or software that cannot be patched because it is no longer supported and the vendor is no longer supplying fixes, you need to evaluate the risk of running an unsupported (unsecure) system versus the cost of replacing that system. Yes, we’re talking about your outdated version of an accounting system or the server from days gone by. If you’re still rocking some outdated systems, now is the time to evaluate your security risks before it’s too late. For more check out this eBook.  
  • Calculating the cost of potential threats that may occur if the vulnerability is exploited. Realizing that a data breach, in the long run, is likely to be very expensive when compared to the cost of a new server may help support the business case for replacement.

Note: Choosing not to apply a patch as quickly as possible leaves your business at risk of a hacker taking advantage of the vulnerability and gaining access to your system or your data. Consider this an open door or a door with an ineffective lock to your businesses IP and data.

One other thing: When applying the patch, ensure patches are downloaded from the manufacturer. If it comes from another source, there’s a possibility that it’s malware or has been compromised leaving you open to a security threat.

Lastly, be aware with multi-layered software and applications, a simple combination can create a weakness, which is all the more reason to make it a priority to stay current with the latest patches. For more on how to protect your business from ransomware, read on.

Latest Insights

September 21, 2018
Article
In the wake of hurricanes, devastating results have been experienced by communities and businesses throughout the Texas Gulf Coast, Caribbean, Florida and southeastern United States. As a result of these catastrophes, businesses will turn to…
September 20, 2018
Firm News
Eide Bailly LLP announced the winners of its 2018 Nonprofit Resourcefullness Awards, recognizing creative and sustainable revenue ideas from nonprofits in Arizona, Colorado, Minnesota, North Dakota and Utah.
September 19, 2018
Article
The IRS has started sending out Letter 5699 asking businesses to verify if they should have filed Forms 1094/1095-C. These forms are required for all ALEs.
September 19, 2018
Recorded Webinar
Are you considering doing business or having employees in Pennsylvania? Have you had issues with your state tax filing? Join our state and local tax team for some helpful insights into Pennsylvania tax filings.
September 19, 2018
Recorded Webinar
Are you considering doing business or having employees in Nevada? Have you had issues with your state tax filing? Join our state and local tax team for some helpful insights into North Dakota tax filings. This webinar will cover registration,…
September 19, 2018
Recorded Webinar
Are you considering doing business or having employees in North Dakota? Have you had issues with your state tax filing? Join our state and local tax team for some helpful insights into North Dakota tax filings. This webinar will cover registration,…
September 18, 2018
Article
As the largest tax reform legislation in the past 30 years becomes reality, it is important to stay up-to-date on planning opportunities and how reform may impact you and your business. Our Tax Reform: Practical Insights examples aim to break down…
September 18, 2018
Tool
Get ahead of tax season with the Eide Bailly Tax Planning Guide. A supplemental strategy guide to help guide year-end and make the tax laws work for you.
September 18, 2018
Article
The SCOTUS Wayfair decision has prompted a new focus on state and local tax compliance. The decision to register, report, and comply is important.