Security and Compliance
Automated Third-Party Patching Controls: Lessons from the CrowdStrike Incident
For years, the IT industry has emphasized the importance of updating third-party products in our environments. However, incidents like the recent CrowdStrike update can cause significant concern across the business, especially among non-IT stakeholders. While the update itself caused problems, it highlights the critical need for effective controls during the patching process to maintain endpoint security.
The CrowdStrike Incident: A Wake-Up Call
Years from now, system administrators and security teams alike will be talking about the day when CrowdStrike sent a bad update into the wild and 8.5 million computers refused to boot. This recent update issue caused widespread disruption. Despite the CEO’s attempts to downplay the incident as a non-cyber event, the reality is that any such failure can have far-reaching consequences.
A significant part of CrowdStrike’s update failure was due to its channel updates, which are like virus definitions and cannot be controlled or disabled by users. These updates are pushed continuously by CrowdStrike, sometimes multiple times a day, without the ability to disable them. This scenario underscores the need for robust expectations from security vendors regarding QA testing and phased deployments, as well as the importance of internal QA and testing processes.
Phased Deployments: Putting Automated Third-Party Patching Controls in Your Hands
As much as we’d like to, we can’t control how a company like CrowdStrike tests and releases their product updates. However, we can apply our own controls and testing during our patching process to make sure that the impact of any problems doesn’t affect our whole organization. Phased deployments are a great example and a best practice that can mitigate the risk of a bad update. By starting with a small group of test users and gradually expanding the deployment to larger groups of users, and eventually the rest of the organization, IT teams can identify and address issues before they affect everyone.
Application Manager by Recast Software supports phased deployments, enabling IT administrators to implement updates in a controlled and systematic manner. This approach minimizes the disruptions we can control and ensures that any issues are quickly identified and addressed.
Don’t Ignore Patching: Learn the Right Lessons from the CrowdStrike Incident
Despite the recent situation where an update patch caused problems, we cannot overlook the importance of updating third-party software. Unpatched software poses a significant risk to organizational security. In 2021, software vulnerabilities surpassed phishing as the leading cause of costly breaches, highlighting the need for prompt and effective patch management. Organizations often manage dozens to hundreds of software titles, each requiring multiple updates annually. Manual patch management can be daunting, often leading to delays and human errors.
Recast Software’s Application Manager offers a robust solution to these challenges. Within Application Manager, you can completely automate the patch management process, while still delivering updates in a safe, controlled way. Application Manager ensures that third-party applications are updated promptly, reducing the risk of vulnerabilities being exploited. This automation not only improves security, but also frees up IT resources to focus on more strategic tasks.
The Best of Both Worlds for Automated Third-Party Patching Controls
Recast Software’s Application Manager is designed for efficiency and control, allowing you to schedule and test updates before releasing them to your entire environment. Start with a small group, expand after successful testing, and continue until the update reaches all users. Every one of the 2500+ applications will adhere to your set policies and deploy according to your release schedule, ensuring quick and safe third-party software updates automatically.
The CrowdStrike incident serves as a critical lesson in the importance of rigorous controls during the patching process. Leveraging tools like Application Manager allows organizations to enhance their security posture, reduce IT vulnerabilities, and ensure stability through tested patch releases. As the cybersecurity landscape evolves, effective patch management will be essential for mitigating risks and maintaining robust security.
Ready to take control of your patch management process? Contact us today to learn how Application Manager can help you implement automated third-party patching controls in your organization.