In a recent episode of the Help Me With HIPAA podcast, titled Getting Your Patch On, Donna and David talk about the importance of patching your software applications. So what the heck is patching? Think about it like this: Before holey jeans were the cool thing, you may have had a favorite pair of jeans that were soft, broken in and fit just right. The more you wore them, the more the treads started wearing thin and the stitching in some intimate areas might have started giving out. So if you were smart, before wearing them again you would have taken the time to look them over to ensure that they were appropriately intact and all of you that should be covered still would be. If it wasn’t, then you may have applied a patch to reinforce the vulnerable areas. Well, software patching works in the same manner. A software developer will monitor a product and it may identify an improvement, want to add a feature, or identify a security vulnerability and come up with a solution to fix the issue. The solution is called a patch.
What is so difficult for people to understand is the importance of patching? Some folks believe “if it ain’t broke, don’t fix it.” They don’t even know there is a problem that needs a patch. Sometimes patching one software may affect the performance of another. Most often people just don’t pay attention. They think, “my IT guy is patching everything for me and will tell me if I need to do something more.” This is not always the case. You need to review with IT what they are and aren’t patching. They are almost certainly not patching every piece of software you and your staff are using. A lot of times, what you think IT is doing for you and what you are paying them to do are two completely different things. There is a huge difference between IT Support and IT Security. Which one do you have? Have the discussion with your IT team to find out.