Bad software patches cause critical IT failure
Half of businesses have suffered at least one business critical IT failure as a result of installing a bad software patch, according to GFI Software.
The research also revealed that a quarter of those surveyed suffer recurring IT failures and lost productivity resulting from software bugs and incompatibilities introduced by badly developed software updates.
Commitment to deploying critical updates quickly is clear, with 90% of those surveyed applying patches within the first two weeks after they are released. However, for many the process remains a manual one, with 45% not using a dedicated patch management solution to distribute and manage software updates.
This lack of automation is a major contributing factor that explains why 72% of surveyed decision makers do not deploy within the all-important first 24 hours after a critical patch is released to the public.
Additional key findings:
- 51% of those surveyed said their organisations did not have a rigid policy regarding the installation of critical software updates
- 25% of respondents have suffered multiple IT failures as a result of buggy patches or compatibility issues created by a software update
- The legal (43%) and healthcare (40%) sectors struggle the most with recurring IT problems caused by bad patches
- The personnel sector is the biggest user of dedicated patch management solutions, due to the lack of dedicated on-site IT support in most recruitment offices
- 29% of the survey group consider security to be the most important benefit of prompt software patching
- Improved productivity within the IT department, added security and compliance are the main drivers for investment in patch management solutions.
“The stark figures revealed by this research reinforce the importance of testing patches before deploying them in a production environment. Patch management solutions help keep the balance between maintaining productivity – testing patches to make sure they do not interfere with the business environment – and applying security patches in a timely fashion to avoid compromising security,” said Cristian Florian, product manager at GFI Software.
The research revealed a clear shift within the financial services sector, which following the implementation of stringent compliance regulations such as Sarbanes-Oxley and Basel II, has moved from being cautious regarding IT change to being more open to deploying updates and critical patches as soon as possible in order to reduce the risk of data loss, theft or reduced oversight over financial activities.