News and Insights – August 2018

Why Patch Management Still Fails in 2018 (and How to Fix It)

Patch management is a critical IT hygiene task that most businesses understand but few execute well. In August 2018, Argentine SMBs continue to struggle with timely patching—exposing systems to known vulnerabilities and compliance risks.

Despite countless high-profile breaches (many preventable through simple updates), patching remains inconsistent. Common reasons include lack of resources, unclear ownership, fear of downtime, or poor awareness of available updates.

Patching is not just about Windows Updates. It includes:

• Firmware patches for routers and firewalls
• Critical updates for productivity software like Office or Adobe
• Kernel patches for Linux-based systems
• Updates for third-party tools like Java, Chrome, or device drivers

Challenges faced by Argentine SMBs in 2018 include:

• Legacy software that doesn’t support newer patches
• IT staff wearing too many hats, delaying scheduled updates
• Manual tracking systems (e.g., spreadsheets or informal logs)
• Fear of breaking production systems
• Lack of central visibility across multiple device types

The consequences of poor patching include:

• Increased exposure to malware and ransomware
• Data breaches from known, preventable exploits
• Non-compliance with data protection laws
• Poor system performance or incompatibility

Recommendations to improve patch hygiene:

• Centralize patch management with RMM tools or endpoint suites
• Test patches in a sandbox before pushing to production
• Automate schedules to apply patches during off-hours
• Enforce patch policies in Acceptable Use and onboarding checklists
• Report monthly on patch coverage and exceptions

Small businesses with less than 50 devices can use tools like:

• Windows Server Update Services (WSUS)
• PDQ Deploy (free version)
• NinjaRMM, ManageEngine, or Datto RMM (for managed IT providers)

Example Case: A Rosario-based accounting firm delayed Java updates for months, fearing compatibility issues with a tax platform. In June, they were infected with a crypto-miner exploiting an outdated JRE version—slowing systems and damaging client trust. The fix? One routine patch.

In 2018, proactive patching is no longer optional. Even the smallest firms hold sensitive data, operate cloud services, or allow remote access. If those endpoints aren't patched, the risk compounds exponentially.

Checklist: Is Your Patch Management Failing?

• Are all operating systems set to auto-update?
• Do you track updates for third-party software?
• Are servers and mobile devices included in patch plans?
• Do you review patch logs or compliance reports?
• Are failed patches automatically retried or alerted?

Here is your Patch Management Checklist.