Happy Patch Tuesday!

Jan 14, 2020 - Robert Thurston

Computer code displayed in color on a screen

Proactive patch management is a core tenant of effective IT security for every organization. However, the challenge is not as straight forward as simply opting in (unfortunately). Many seasoned veterans in the IT Support industry can tell you of incidents where business processes, critical applications and even basic workstation function were impacted by a “bad patch” released from a software vendor.

As part of our commitment to providing protective and proactively Managed IT Services, AlasConnect utilizes a structured test deployment model called “canary deployments” when applying software patches to our customer environments.

The concept of a canary deployment comes from the twentith century mining practice of using a live domestic canary to detect the presense of toxic gas, such as carbon monoxide, in mining environments. As a sentinal species, the canary would become ill before miners would, allowing the miners to escape harm by taking proactive measures (respirators or evacuation).

Similarly, our customer organizations designate a small percentage (typically <5%) of their user base to serve as early adoption users, who recieve new code patches or features before their co-workers. By maintaining communication with these test users we are able to avoid potential pitfalls of rolling out code patches to an entire organization. While most software vendors perform extensive testing of their code, utilizing a plethora of analysis tools and complex methods, occasionally a bad patch is nonetheless released, in which case our early adoption users are the last line of defense.

Today, Microsoft announced two critical security flaws in their Microsoft Windows operating system (CVE-2020-0601 & CVE-2020-0609). AlasConnect has been monitoring these flaws since they were announced and is taking proactive measures to assure that our clients are well protected from possible exploit.

Rest assured that at AlasConnect, in our own corporate IT environment, we serve as the “earliest adopter” of new patches for our clients. As your business partner, we take our commitment to the security and performance of your business technology systems seriously enough to leverage our own in protecting them.