Managing the security of a large, complex enterprise network is a difficult and daunting task. Critical business needs rely on numerous types of operating systems running various applications that are inherently not secure. New vulnerabilities in these applications and operating systems are found every day. The rapid increase in known vulnerabilities being released shows an essential need to implement an enterprise-wide process to guard against them. This paper details one means of tracking the multitude of serious vulnerabilities that affect our fictitious large-scale enterprise network and require us to implement patches. The paper does not detail the difficulties that ensue when trying to determine what effect the patches may have on business applications, only how to manage the implementation of patches across the enterprise with a large yet busy staff of Information Technology (IT) and security professionals. It covers one possible solution for establishing an Emergency Vulnerability Alert (EVA) structure; the EVA process preparation, that is, what will need to be in place prior to the implementation of the process; a complete layout of the EVA process in detail; and finally the challenges (downfalls) that may be faced in implementing the process proposed in this practical.