News Stay informed about the latest enterprise technology news and product updates.

Don't get swept away by patch drift

With hundreds of millions of lines of code operating on each client, IT managers have a tough job keeping their desktop environments stable, secure and consistent in the face of phenomenon known as drift.

Making sure that all your network's clients are in sync can be a bit like conducting an orchestra. If one goes flat, there's the possibility that others will spiral down that same path, creating discord in the entire system.

With hundreds

When you introduce anything new into an environment, it shifts the environment ever so slightly, and that's where the potential risks are.

Drew Williams, VP,

Configuresoft Inc.

of millions of lines of code operating on each machine, IT managers have a tough job ahead of them, keeping networks stable, secure and consistent.

"When you introduce anything new into an environment, it shifts the environment ever so slightly, and that's where the potential risks are," said Drew Williams, vice president of corporate development for Configuresoft Inc., a Colorado Springs, Colo.-based software company.

"Say you've got a small network of five clients and a server and you're running all the same applications on those five boxes," Williams said. "One time you update one system or you forget to update one system -- you've immediately introduced what's called 'drift' into your infrastructure."

An ongoing process for IT

Think of

For more information

Take a proactive approach to patch management


How to patch vulnerabilities and keep them sealed

it like boats on a lake. When they're anchored, they stick together. When they're not, they start drifting in different directions. The good news is that IT managers can combat drift with a little planning and a lot of vigilance.

Jon Saultz, principal information analyst for the city of Colorado Springs, spends about half of his time making sure that 900 desktops -- spread across more than 100 locations -- are protected.

New technologies are making that job easier, he said. "There were things in the past that you had to be at the console to do, but with the evolution of the software and actual hardware, you can do these things remotely now," Saultz said. "It's an ongoing battle that will never be won."

Weekly evaluation recommended

Eric Schultze, chief security architect with Shavlik Technologies LLC, in Roseville, Minn., said that in networks where the same operating system and applications are put on every machine, weekly evaluations can help ward off drift.

Executives want to hear that networks are up and running at peak levels, Williams said. Managers can avoid costly repairs for systems by maintaining a secure environment. That, in turn, increases the enterprise's profitability and productivity.

"Administrators need to evaluate what they consider their baseline policy for operation," Williams said. "They have to ensure, through automation, that level of compliance is realized at all points in the environment. Any inconsistencies, or drift, must be documented, reported and rectified as quickly as possible. That's called hardening your environment.

"Get control of the one box that you think is home base, the gold system, if you will, and make sure that you understand collectively what it means to be a gold system, and you can replicate that," he said.

Dig Deeper on Windows systems and network management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.