AIS helps International Bank to Improve Patching and Patch Reporting
.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-d28e542c-cc56-45c8-9ec0-ca39c01c8154-oHh6350)
Overview
-
Part 1
Challenge
The Bank’s enterprise team, responsible for patching and vulnerability governance and oversite, was heavily encumbered with manual processes and reporting using 65+ different endpoint management tools.
-
Part 2
Solution
AIS led the team to deliver effective patch identification and patch validation processes by integrating BigFix Patch and BigFix Inventory with the Bank’s home-grown, patch management system – automating manual processes.
-
Part 3
Results
The Bank gained consolidated and accurate patch KRIs / KPIs reports and eliminated the painstaking manual effort to identify relevant patches for over 260 software titles eliminating hundreds of hours of staff time, reduced their vulnerability remediation time and security risk.
The Challenge
Transformation story
Struggling with enterprise patch and vulnerability governance and oversite, the Bank was heavily dependent upon manual processes and over 65 endpoint management tools and custom applications. After exploring various alternatives, BigFix was chosen for patch identification and validation -- identifying 95% of the relevant server patches, and the exact location of all software instances.
The Solution
Business Challenge
With more than 100,000 servers supporting their 250,000-person workforce, the effort to identify patch and remediate vulnerabilities was an enormous and expensive endeavor. Spreadsheets were used to collect and consolidate information across many tools to feed their patch management system. Patch teams worked continuously to identify available patches across 260 software titles. Patches for each title was checked about once a month creating a significant window of vulnerability and risk for the Bank.
After spending two years trying to integrate the data from over 65 different endpoint management tools with their patch management system, the Bank needed a better, automated way to validate and identify patches.
Solution
At that time, the Bank learned that their IBM ELA would allow them to upgrade their deployed IMLT licenses to BigFix without incurring additional cost. As a result, the Bank was able to collect detailed hardware and installed software information using BigFix Inventory and gained access to available patches for all the software titles supported by BigFix’s software catalog. Armed with new information, the Bank was impressed to learn that BigFix had patch information on over 80 non-windows applications while Tanium supported only eight. BigFix also supported more operating systems and database platforms than Tanium. As a result, the Bank deployed BigFix to more than 100,000 servers worldwide. BigFix Patch and BigFix Inventory were integrated with the Bank’s home-grown, patch management system.
The Results
By using BigFix and integrating it with the Bank’s patch management system, the Bank was able to consolidate and produce accurate patch KRI / KPI reports providing them greater visibility into patch and remediation operations. Equally as important, the Bank eliminated the painstaking manual effort to identify relevant patches for over 260 software titles saving thousands of hours of staff time annually while significantly shortening their vulnerability remediation time.
Next steps
The integrated solution has allowed the Bank to identify 95% of the relevant server patches as well as the exact location of all software instances. In 2021, the Bank wants to expand patch coverage to even more titles. Additionally, AIS is proposing that the Bank leverage HCL’s new Insights for Vulnerability Remediation (IVR) solution to reduce the time between vulnerability discovery and remediation.
AIS is now offering this integrated, patch validation and identification solution -- EPIC Patch V1 – to other organizations and is working to deliver patch deployment with the next version of EPIC Patch. More information available at http://www.epicpatch.com
About the company
Founded in 1995, Advanced Integrated Solutions (AIS) is a national IT services company with headquarters in Orange County, California, and offices in S. Carolina, Florida, and N. California. AIS is a high-quality provider of IT services including architecture, implementation, integration, and training for IT Security, Digital Intelligence, Asset and Service Management solutions.
Share on
Related Capabilities
Enterprise Security
Security from application to endpoint. Vulnerability detection, mitigation, and remediation — before, during and after the attack.
Learn more.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-2bb79ff9-bc69-4c16-b42b-a14b1a70f882-oHq-L3I)
Digital Transformation
We fuel your DIGITAL+ economy journey with technology that transforms experiences for your customers, employees and stakeholders.
Learn more
Data, Analytics & Insights
Data fuels ambitious and smart organizations. We keep planes in the air and supply chains moving, and process billions of transactions — every day.
Learn more.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-cbacea07-5965-49e2-a52e-5527905a29d2-oHq.9K.)
AI & Automation
Humanizing AI to solve real-world problems is key for business growth. AI will help power intelligent decisions at the DNA level of every enterprise.
Learn more.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-1845f3ff-6d80-4d39-aaf5-411e0a8c2f78-oHwCRNC)
+(1).png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-6a1f0f46-89e3-4895-85bc-7756761b53f7-oHwCXJv)
+(1).png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-b7e1f665-d92e-4075-909f-85dc4376a261-oHwD5E.)
- ${title}${badge}