One of the cornerstones of cybersecurity practices is patching. Now, patching isn’t glamorous work, but it’s just the sort of work that keeps your credit union—and all of its members—safe.
Patching is also mandatory, so there’s that. And it’s surprisingly tedious. And, for a security requirement required by law, it’s surprisingly easy to put off or forget about.
The Basics of Patching for Credit Unions
We’ll just keep this brief. The basics of patching are pretty straightforward.
One of the easiest things for a hacker to do is to exploit a known vulnerability that hasn’t been patched. The last thing any credit union wants is a hacker—there’s just too much rich, juicy, sensitive financial and member data in there. It must remain safe.
So, modern cybersecurity best practices dictate that all credit unions have a patching policy. What’s more, the NCUA requires it, too. And the NCUA requirements are more than suggestions—they’re regulations. Basically, you must patch.
Your credit union needs a patching process, methodology, and the tools to ensure PCs, laptops, and servers stay up to date. If they’re not up to date, then you increase your risk of getting hit by a known exploit that could have been prevented by proper patching.
Here’s Why Managed Patching Works
Patching is the process of finding, downloading, and installing patches. Managed patching is when you point your finger at someone else and tell them to do it instead. It’s surprisingly effective.
To be sure, you’re not just delegating to a junior IT professional. No, you’re delegating to a business whose managed patching service is streamlined. Now, I know what you’re thinking: why would we do that? Can’t we just patch on our own?
Yes, of course, you can. You have been. But maybe it’s taking too much time and energy. Or maybe you’ve missed a few critical patches and you want the peace of mind that comes from knowing you’ve got nothing to worry about because someone else is handling things. Here’s what managed patching brings:
- Years of patching experience
- Streamlined patching processes
- Attentive support
- Effective and convenient patching
- Flexible patching windows
- Customizable patching groups
Those are the basics. That’s not an exhaustive list, but it’s a really good start. But, just in case you’d like a more detailed picture about what managed patching for credit unions looks like, try this:
A More Detailed Look at Credit Union Managed Patching Best Practices
Patching should be done at least once per month. More is fine. Less is not so fine. Not all businesses release patches on the same day or even the same week. If 100 patches come out over the course of a month, they’re not all going to be available at once. The more often you patch, the more up to date your security will be.
At Ongoing Operations, we schedule a lengthy patching window every week to ensure all patches are current.
Some patches are more important than others. We prioritize patching for Windows machines. Additionally, we prioritize patches for all devices like this:
- Critical updates
- Definition updates
- Security updates
- Update rollups
The above patches represent about 90% of all monthly patches. There are some other patches that need a little extra care, such as with third-party patches and legacy software.
If anything fails, then try, try again. Not all patches get identified, downloaded, or installed the first time. When that happens, don’t fret too much. You can always try again (and you should).
At Ongoing Operations, we like to give failed patches a little time to sort themselves out. We retry failed patches during the next open patching window.
Subscribe to our blog to learn more about managed patching for credit unions. We’ll be updating it with a lot more information about credit unions, patching, and best practices around those subjects. Or just follow the links below to see what else is new in the managed patching world.
If you’d rather not beat around the bush, click this link to speak with an expert about managed patching.