Shifting the burden

General Accounting Office auditors found that for reasons such as limited budgets federal agencies don't always make use of the growing number of tools and services that automate the process of managing security patches.

Among the tools now available are ones that:

Create an inventory of hardware and software, including all patches that have been installed.

Create logical groupings of systems — by department, machine type or other categories — for the purpose of managing patches.

Evaluate PCs against preset criteria such as required system configurations.

Test patches to discover whether they cause programs to crash or produce other unintended consequences.

Source: General Accounting Office

Featured

  • Cybersecurity
    cybersecurity (Rawpixel/Shutterstock.com)

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

  • Comment
    cloud (Phaigraphic/Shutterstock.com)

    A call for visionary investment

    Investing in IT modernization is not an either-or proposition, Rep. Connolly writes. This pandemic has presented Congress a choice: We can put our head in the sand and pretend these failures didn't happen, or we can take action to be prepared for the future.

Stay Connected