Security patching is hard and patch fatigue is real. So what can be done to make the process more simple, less disruptive, and more likely to be performed in a timely manner? According to the results of a recent survey by ACROS Security, those responsable for it are asking for – among other things – the capability to quickly un-apply patches if they cause problems, security and functional patches to be decoupled, want to have better control over which patches we want to apply, and have the ability to install security patches for all products from one central management point.
“In addition to answering survey questions respondents commented: mobile devices are often out of network, equipment is switched off and all this can delay patch deployment. They prefer just the change of code bits, not entire libraries. They appreciate having complete and frank information on the patch from software vendor (‘if it adds telemetry don‘t call it a fix’, said one of them). Participants also expressed the need for better vendor support for security patching,” the company noted in the report.
Read more about the findings of the ACROS Security survey on Help Net Security.