We\'re trying to implement a patch schedule in our environment for both linux an

Question

We're trying to implement a patch schedule in our environment for both linux and windows systems.

I'm curious to hear how often other enterprise companies are patching their servers so we can get an idea of what the rest of the world is doing.

I've found plenty of documentation from SANS etc on the policy but haven't found much on the frequency of patching. Mainly I'd like some ammunition when the complaints begin from our admins; generally to avoid reinventing the wheel.
How frequently install patches in an enterprise environment?

Explanation / Answer

I've seen enterprise companies that install all (required) updates in an acceptance environment the day the updates are released. Once installed in this environment, it is thoroughly tested.

If all goes well then they patch the production environment two weeks later. However, this goes for regular patching. If there are one or more security patches that are applicable to your environment it is recommended to do this as soon as possible.

Examples for immediate patching (within 24 hrs) are: Heartbleed, Shell Shock, GHOST etc.

Related Questions

Navigate

• Browse (All)
• Browse W
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.