Overview

  • Part 1

    Challenge

    The Bank’s enterprise team, responsible for patching and vulnerability governance and oversite, was heavily encumbered with manual processes and reporting using 65+ different endpoint management tools.

  • Part 2

    Solution

    AIS led the team to deliver effective patch identification and patch validation processes by integrating BigFix Patch and BigFix Inventory with the Bank’s home-grown, patch management system – automating manual processes.

  • Part 3

    Results

    The Bank gained consolidated and accurate patch KRIs / KPIs reports and eliminated the painstaking manual effort to identify relevant patches for over 260 software titles eliminating hundreds of hours of staff time, reduced their vulnerability remediation time and security risk.

The Challenge

Transformation story

Struggling with enterprise patch and vulnerability governance and oversite, the Bank was heavily dependent upon manual processes and over 65 endpoint management tools and custom applications. After exploring various alternatives, BigFix was chosen for patch identification and validation -- identifying 95% of the relevant server patches, and the exact location of all software instances.

The Solution

Business Challenge

With more than 100,000 servers supporting their 250,000-person workforce, the effort to identify patch and remediate vulnerabilities was an enormous and expensive endeavor. Spreadsheets were used to collect and consolidate information across many tools to feed their patch management system. Patch teams worked continuously to identify available patches across 260 software titles. Patches for each title was checked about once a month creating a significant window of vulnerability and risk for the Bank.

After spending two years trying to integrate the data from over 65 different endpoint management tools with their patch management system, the Bank needed a better, automated way to validate and identify patches.

Solution

At that time, the Bank learned that their IBM ELA would allow them to upgrade their deployed IMLT licenses to BigFix without incurring additional cost. As a result, the Bank was able to collect detailed hardware and installed software information using BigFix Inventory and gained access to available patches for all the software titles supported by BigFix’s software catalog. Armed with new information, the Bank was impressed to learn that BigFix had patch information on over 80 non-windows applications while Tanium supported only eight. BigFix also supported more operating systems and database platforms than Tanium. As a result, the Bank deployed BigFix to more than 100,000 servers worldwide. BigFix Patch and BigFix Inventory were integrated with the Bank’s home-grown, patch management system.

 

The Results

Results

By using BigFix and integrating it with the Bank’s patch management system, the Bank was able to consolidate and produce accurate patch KRI / KPI reports providing them greater visibility into patch and remediation operations. Equally as important, the Bank eliminated the painstaking manual effort to identify relevant patches for over 260 software titles saving thousands of hours of staff time annually while significantly shortening their vulnerability remediation time.

Next steps

The integrated solution has allowed the Bank to identify 95% of the relevant server patches as well as the exact location of all software instances. In 2021, the Bank wants to expand patch coverage to even more titles. Additionally, AIS is proposing that the Bank leverage HCL’s new Insights for Vulnerability Remediation (IVR) solution to reduce the time between vulnerability discovery and remediation.

 

AIS is now offering this integrated, patch validation and identification solution -- EPIC Patch V1 – to other organizations and is working to deliver patch deployment with the next version of EPIC Patch. More information available at http://www.epicpatch.com

About the company

Founded in 1995, Advanced Integrated Solutions (AIS) is a national IT services company with headquarters in Orange County, California, and offices in S. Carolina, Florida, and N. California. AIS is a high-quality provider of IT services including architecture, implementation, integration, and training for IT Security, Digital Intelligence, Asset and Service Management solutions.