Proposal

Proposal

Name:

Institution:

Proposal

Xavier Inc. recently failed a government audit because the firm’s computer network lacked a functional patch management system along with a system for regularly checking on the network servers. The company has 50 windows server 2012 systems deployed in the network. These servers perform key functions for the firm such as providing DNS (Domain Name Systems) protocols, providing DHCPs (Dynamic Host Configuration Protocol), file and print services, email services and hosting databases. The firm needs to protect its networks in the right manner to prevent the losses that it would incur if a system failure resulted in mass loss of data.

Proposed Patch Management Process

The proposed patch management process is supposed to be a never-ending process. This way, the network will be safe from vulnerabilities that the users have already detected as well as any new faults that may come up in future. The process of developing a new patch management system entails six crucial steps (Meier, Mackman, Dunner, Vasireddy, Escamilla and Murukan, 2006). In the first two steps, the faults in the system are detected and analyzed. These faults include bugs and glitches, missing security protocols and updates. The detection and analysis of threats is best carried out on a scheduled basis using security software. The Microsoft Baseline Security Analyzer (MBSA) can carry out this function for the firm’s Windows servers (Smith, 2012). After detecting the system’s security threats, the next step should be to acquire the necessary patches and fixes. Microsoft usually rates the patches and fixes that they release to show the ones that are crucial to the system’s security (Kelleher, 2012). The necessary patches can be downloaded directly from the firm or through any software used to detect security threats in the network or system. The process of checking and downloading new servers should to occur twice a month. The best day for this to take place would be on a Saturday so that there are not people using the computer systems and interfering with the process.

Testing is perhaps the most important step in the patch management process. New patches need to be tested to ensure that they do not cause an outage in the servers and to make sure that the servers are still able to carry out key functions after the patches have been installed (Smith, 2012). The process of testing the patches needs to be thorough and test that the patches install properly and that they make the desired changes to the systems after installation. The testing can be carried out in a prepared lab that is able to recreate the conditions of the systems in which the patches will be installed. Additionally, the testing should be done in different departments to make sure that the computers in each of the firm’s departments respond favorably to the changes (Smith, 2012).

After testing, the next step should be to deploy the patches. This step should also be done on a Saturday when most people are not using the system to reduce the risk of interferences and interruptions. Microsoft provides software that installs patches without requiring the installer to go through all the computer systems involved. The last step in the patch management process is maintenance. Keeping the computer systems updated is a crucial part of the process because it reduces the amount of work required and ensures that the systems are always safe (Meier et al, 2006). While it is necessary to maintain the systems regularly, it is also important that to ensure that the process does not interfere with users of the system. The department in-charge of maintenance should schedule the process to take place once every week on Friday night. This way, the systems remain safe without the users being disturbed.

References

Kelleher, D. (2012, January 12). 5 tips for server management. Retrieved from http://www.gfi.com/blog/server-patch-management/

Meier, J.D., Mackman, A., Dunner, M., Vasireddy, S., Escamilla, R. and Murukan A. (2006, January). Improving web application security; threats and countermeasures. Retrieved from http://msdn.microsoft.com/en-us/library/ff647981.aspx

Smith, R. (2012, April 27). How to establish a process for patch management. Retrieved from http://www.biztechmagazine.com/article/2012/04/how-establish-process-patch-management