Your SlideShare is downloading. ×
0
Patch Management: 4 Best Practices and More for Today’s Healthcare ITMay 11th, 201111:00 am PST / 2:00 pm EST<br />
Meet Our Speakers<br />Ian Bartell<br />IT Director<br />Roswell  Regional Hospital<br />Gerald Beaulieu<br />IT Automatio...
Polling Question 1<br />What is your biggest pain point for Patch Management?<br />- workstation<br />- server<br />- lapt...
Patch:  It’s the Same Problem<br />A.  Knowing about the patch, the severity, and the risk<br />B.  Getting the patch to a...
How Bad is Manual Patching?<br />Monitoring for new patch:  <br />10min/d or 61hr/yr<br />61hr * $70/hr = $4.5K<br />Apply...
And the Exploit Timeline is Shrinking<br />Days Between Patch & Exploit<br />As this cycle keeps getting shorter, patching...
Healthcare Institutions: Patching is Top Automation Target<br />IT Service<br />SW upgrades & patches<br />Backups<br />Mo...
4 Best Practices for Patch Management... + 1 Bonus Tip<br />Discover & assess<br />1<br />Identify & test<br />2<br />Eval...
Discover & assess<br />Best Practice #1Discover & Assess<br />1<br />Are there any threats in your environment?<br />Has a...
Identify & test<br />Best Practice #2Identify & Test<br />2<br /><ul><li>How do you learn about new patches?
How do you decide if the patch relevant?  Needed?
Which PCs/servers will need a patch?
What is/are the system priority/ies?
Which systems are most vulnerable?
How will you test the patch itself?</li></li></ul><li>Evaluate & plan<br />Best Practice #3Evaluate & Plan<br />3<br />How...
Deploy & remediate<br />Best Practice #4Deploy & Remediate<br />4<br /><ul><li>Pre-deployment
Do you notify users?  Support?
Do you provide training?
Did you check all your distribution/deployment points?
At deployment
How do you monitor patch distribution progress?
How do you deal with slow connections?
Upcoming SlideShare
Loading in...5
×

Patch Management: 4 Best Practices and More for Today's Healthcare IT

1,503

Published on

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,503
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
29
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Patch Management: 4 Best Practices and More for Today's Healthcare IT "

  1. 1. Patch Management: 4 Best Practices and More for Today’s Healthcare ITMay 11th, 201111:00 am PST / 2:00 pm EST<br />
  2. 2. Meet Our Speakers<br />Ian Bartell<br />IT Director<br />Roswell Regional Hospital<br />Gerald Beaulieu<br />IT Automation Expert <br />Kaseya<br />
  3. 3. Polling Question 1<br />What is your biggest pain point for Patch Management?<br />- workstation<br />- server<br />- laptop<br />- other<br />
  4. 4. Patch: It’s the Same Problem<br />A. Knowing about the patch, the severity, and the risk<br />B. Getting the patch to all your servers and PCs<br />
  5. 5. How Bad is Manual Patching?<br />Monitoring for new patch: <br />10min/d or 61hr/yr<br />61hr * $70/hr = $4.5K<br />Applying new patch: <br />10min or 0.16hr<br />0.16hr*500PC*$70/hr = $5.6K per patch<br />MSFT patches/yr = 72 (3 yr avg)<br />Impact of managing 1 image/yr: <br />$4.5K+($5.6K*72) = $408K<br />Source: Microsoft, 2010<br />
  6. 6. And the Exploit Timeline is Shrinking<br />Days Between Patch & Exploit<br />As this cycle keeps getting shorter, patching is a less effective defense<br />Automation for testing and deployment needed<br />331<br />180<br />151<br />25<br />Nimda<br />SQL <br />Slammer<br />Nachi<br />Blaster<br />Source: Microsoft, 2010<br />
  7. 7. Healthcare Institutions: Patching is Top Automation Target<br />IT Service<br />SW upgrades & patches<br />Backups<br />Monitoring<br />Ticketing<br />Response*<br />75%<br />61%<br />58%<br />38%<br />*Out of 174 healthcare IT leaders when asked – by Kaseya – their top 2011 target for automation<br />
  8. 8. 4 Best Practices for Patch Management... + 1 Bonus Tip<br />Discover & assess<br />1<br />Identify & test<br />2<br />Evaluate & plan<br />3<br />Deploy & remediate<br />4<br />Automate<br />5<br />
  9. 9. Discover & assess<br />Best Practice #1Discover & Assess<br />1<br />Are there any threats in your environment?<br />Has anything changed in your operation?<br />Do you have an accurate, current inventory?<br />Can your infrastructure support patch management?<br />
  10. 10. Identify & test<br />Best Practice #2Identify & Test<br />2<br /><ul><li>How do you learn about new patches?
  11. 11. How do you decide if the patch relevant? Needed?
  12. 12. Which PCs/servers will need a patch?
  13. 13. What is/are the system priority/ies?
  14. 14. Which systems are most vulnerable?
  15. 15. How will you test the patch itself?</li></li></ul><li>Evaluate & plan<br />Best Practice #3Evaluate & Plan<br />3<br />How do you ensure all parties agree with “need to deploy?”<br />Exceptions?<br />How will you install the patch?<br />PC vs server? Corporate vs remote?<br />Do you combine with other tasks?<br />Who will do it?<br />When will you install the patch?<br />How will you test an installed patch?<br />Do critical business functions still “work?”<br />How much testing is required?<br />Where does testing occur?<br />
  16. 16. Deploy & remediate<br />Best Practice #4Deploy & Remediate<br />4<br /><ul><li>Pre-deployment
  17. 17. Do you notify users? Support?
  18. 18. Do you provide training?
  19. 19. Did you check all your distribution/deployment points?
  20. 20. At deployment
  21. 21. How do you monitor patch distribution progress?
  22. 22. How do you deal with slow connections?
  23. 23. Post-deployment
  24. 24. How do you deal with exceptions?</li></ul>12<br />
  25. 25. Best Practice Bonus TipAutomated Patch Management<br /><ul><li>Assess
  26. 26. Use predefined, predetermined network scans to assess installed - and uncover missing - patches
  27. 27. Identify
  28. 28. Create alerts to capture new software added to inventory
  29. 29. Create new patch schedules, where needed
  30. 30. Evaluate
  31. 31. Create periodic vulnerability reports - and compare to patch policy - to determine which patches are needed
  32. 32. Create patch-analysis and patch-test scenarios
  33. 33. Deploy
  34. 34. Schedule patch distribution by time, by system, by group, or by user-defined collection of systems
  35. 35. Create exception-handling routines
  36. 36. Create real-time deployment reports for users and management</li></ul>Automate<br />5<br />
  37. 37. Recap: 4 Best Practices for Patch Management + 1 More<br />Discover & assess<br />Determine current state of environment<br />1<br />Identify & test<br />Employ procedures to obtain patches and stack-rank for use across environment<br />2<br />Evaluate & plan<br />Develop patch deployment policy and schedule, as well as a corresponding exception plan<br />3<br />Deploy & remediate<br />Deploy & remediate<br />Coordinate distribution with stakeholders, manage patch exceptions, and compile relevant reports<br />4<br />4<br />Automate<br />Automate to reduce delivery cost, improve staff productivity, and ensure system performance<br />5<br />
  38. 38. About Kaseya<br />Patented<br />#7,827,547<br /><ul><li>Value Proposition
  39. 39. A single Kaseya user can proactively manage 1,000s of automated IT systems tasks in the same amount of time required by a team of technicians using other techniques.
  40. 40. Key Facts
  41. 41. Founded 2000 & HQ in Switzerland
  42. 42. Privately held, no debt, no external capital requirements
  43. 43. 33 offices worldwide in 20 countries with 450+ employees
  44. 44. 10,000+ customers
  45. 45. 5,000,000+ assets managed
  46. 46. Patented technology and FIPS 140-2 compliant</li></li></ul><li>The Kaseya Solution for Automated Systems Management<br />Comprehensive<br />Automates all systems management tasks<br />Integration friendly<br />Scalable and flexible<br />Uncomplicated<br />Lightweight, 1 agent<br />Cross platform<br />Easy to install & use via a single pane<br />Affordable<br />On-premise or cloud<br />http://www.kaseya.com/products.aspx<br />
  47. 47. Integrated Patch ManagementAutomated scans, policies, deployments & reports<br />No WSUS!<br />http://www.kaseya.com/get-started/demo.aspx<br />
  48. 48. Other Market Leaders<br />Universities and K-12 Schools<br />Hospitals and Care Facilities<br />Our Customers<br />
  49. 49. Reduce Risk<br />Reduce Cost<br />Improve Service<br />Proven ROI<br /><ul><li>Family Health Center – San Diego (1,000 PCs) deployed EE and improved core application uptime from 85% to 99.6%
  50. 50. Virginia Tech (500 PCs) used Remote Access (IT Toolkit) to decrease MTTR by 83%
  51. 51. N. Conejos School District (500 clients) saved $100K with automation and increased PC availability from 80% to 99%
  52. 52. Cano Petroleum (100 PCs) usedEE to demonstrate SOX compliance with 100% IT control
  53. 53. Integrated Health Management (250 workstations) achieved target HIPAA compliance every year since EE first deployed
  54. 54. BankFirst (150 PCs) used EE to satisfy FDIC compliance regulations – since 2007
  55. 55. Advanced Motion Control (500 workstations) used EE to reduce monthly CADD updates from 2 hrs/PC to 5 mins/PC
  56. 56. Redbox (10,000 clients) used EE to reduce number of kiosk-technician visits by 90% in 1 year
  57. 57. National Health Service (1,000 PCs) saved 15 hrs/month on mandatory SW updates with EE</li></li></ul><li>Other Accolades<br />Industry Awards<br />Industry Reviews<br />“Kaseya's products have a reputation for being easy to install and use, compared with many competitive products.”<br />Gartner, 2011 (#G00209766)<br />“Service automation is vital to IT success. Kaseya is purpose-built for this next era of computing.”<br />OVUM, 2010 (#TA001974ITM) <br />“Kaseya’s strength lies in the ease of implementation, support for their customers, and comprehensive service level management.”<br />IDC, 2009 (#219336)<br />“Kaseya’s IT Automation Framework can help many types of IT management organizations. Quickly. Affordably.”<br />EMA, 2008 (#1429091307<br />
  58. 58. Polling Question #2<br />Would you like to learn more about …<br />- Yes, I’d like to try Kaseya free for 30 days<br />- Yes, but I have no idea what Kaseya costs<br />- Yes, please have someone contact me<br />- No, not at this time<br />
  59. 59. Q&A and Resources<br /><ul><li>Explore Kaseya Patch Management</li></ul>http://www.kaseya.com/features/patch-management.aspx<br /><ul><li>Learn More About Kaseya</li></ul>www.kaseya.com/PPSresources<br /><ul><li> Contact Us</li></ul>sales@kaseya.comor toll free +1 877-692-2003<br /><ul><li> Join the Kaseya Conversation</li></ul>www.kaseya.com/community.aspx<br />
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×