Case Study

Smooth Sailing with Patch Management as a Service

By August 22, 2024 No Comments

Smooth Sailing with Patch Management as a Service

Lightbulb with check mark icon

Challenge

Streamline deployment of application security patches cross-fleet in a consistent and timely manner to employee workstations while maintaining a seamless user experience.

Target and arrow icon

Solution

Implemented a comprehensive technology strategy to identify vulnerabilities, create and automation and reduced test application packages, deployment failures.

List with magnifying glass and check mark icon

Result

Significantly matured patch management program with increased utomation and reduced test application packages, deployment failures.

Summary

When a global cruise company with over 300,000 employees sought to enhance their IT security and application management, they turned to SDG. The objectives were clear: Identify vulnerabilities, manage application publishing, ensure seamless deployment and upgrades of applications, and minimize package installation failures. This initiative focused on improving the application packaging and deployment process.

In Depth

Challenge

The organization faced several significant challenges, including identifying and addressing vulnerabilities across a vast number of devices, managing the constant release of patches and updates, and ensuring the efficient deployment and upgrade of applications. Additionally, they needed to reduce installation failures and streamline their application package creation and deployment process.

Specific challenges to overcome:

Vulnerability Identification: The organization had a vast number of devices, each posing significant vulnerabilities that needed to be identified and addressed.

Deployment and Upgrades: Ensuring the smooth deployment and upgrade of applications on remote systems was challenging due to the company’s size.

Patch Management: Keeping up with the constant release of new patches and updates was a major challenge.

Installation Failures: There was a need to reduce the instances of application package installation failures in the production environment.

Application Publishing: Managing and streamlining the publishing of applications for a large number of users was complex and resource-intensive.

Solution

SDG developed a comprehensive strategy leveraging Tenable.IO, Microsoft Intune, and Microsoft Azure. The strategy included a robust approach to vulnerability assessment, application packaging, and deployment, supported by customized scripts and thorough testing.

Patch Lab: Developed an isolated, replicated environment test package deployments, ensuring only production ready releases are distributed.

Vulnerability Assessment: Vulnerabilities were identified, analyzed, and validated through penetration testing on in-scope devices, providing a clear picture of the client’s risk landscape

Zero-Day Management: Zero-day vulnerabilities were promptly addressed as solutions became available, ensuring minimal exposure.

Application Packaging: Packages of client-provided applications were created and deployed in lab systems using Intune, ensuring they were ready for rollout.

Custom Scripting: Customized scripts were used to enhance application packaging, minimizing installation failures in the production environment.

Thorough Testing: The client was provided with thoroughly tested packages ready for deployment in the production environment, ensuring reliability and stability.

Results

The implementation of SDG’s comprehensive strategy led to significant and tangible results, addressing the client’s initial objectives and improving their overall IT security and application patching processes.

In addition, SDG successfully:

1

Addressed Gap Remediation: Identified gaps were addressed with a remediation plan that defined precise corrective actions, ensuring thorough coverage.
2

Reduced Risk: Vulnerability risk was significantly reduced, lowering the probability of a breach and enhancing overall security.
3

Improved Visibility: Visibility into vulnerability and patch management was vastly improved, enabling better oversight and control.
4

Enhanced Deployment: Experience in application deployment and testing through Intune was extensively enhanced, ensuring smooth operations.
5

Revamped Processes: The application packaging process was revamped and made more efficient, streamlining workflows and reducing delays.
6

Reduced Failures: The rate of application package deployment failures in the production environment was noticeably reduced, improving reliability.
7

Improved Onboarding Efficiency: The improved application packaging process allowed for efficient onboarding of endpoints in Intune, preparing the production environment for seamless deployment.

Conclusion

As a result of partnering with SDG, our client matured their end-user computer patch management process with
an efficient, frictionless, secure, and repeatable program. SDG’s strategic approach to identifying and managing vulnerabilities, along with their prompt response to addressing zero-day threats, greatly improved the mean time to patch and overall posture. The use of Tenable.IO, Microsoft Intune, and Microsoft Azure allowed for comprehensive testing to occur, ensuring minimal disruption, streamlined application deployment, and reduced installation failures through custom scripting. This successful implementation not only improved operational efficiency and reliability but also positioned the cruise line for future success in a dynamic digital landscape.

About SDG

SDG is a leading provider of technology, consulting, and managed services that enable organizations to confidently execute cybersecurity, identity, and risk management solutions to mitigate risk, protect assets, and grow securely. To learn how SDG can help your organization, visit SDGC.com or call us, +1 203.866.8886.

SDG [Technology + Passion] - Risk