When Bill Gates started Microsoft, he had envisioned “a computer on every desk and in every home,” but I’m convinced he never imagined back then how hard it would become to keep every computer updated, patched, and free of software and firmware vulnerabilities. The innovation of computer networks and the Internet, coupled with rapid adoption of enterprise software, has made Windows environments incredibly complex. Plus, the recent move to WFA hybrid work models brought on by the Covid-19 pandemic has vastly expanded the attack surface, leaving computers vulnerable and difficult to secure. The recent launch of Microsoft’s Windows Autopatch is a testament to how difficult it has become for IT security teams to keep their Windows enterprise updated, but it’s only addressing the tip of the iceberg.
Unless you’re a computer nerd like me, or you’ve been buried in tedious work because it was just ‘Patch Tuesday’ (ha-ha), you might have missed how large the problem is globally. Here’s some quick math to put it into perspective. Last year, there were 1,862 data breaches and the average cost of a breach was $4.24 Million. If you take into account that around 60% of data breaches are the result of a missing patch, the annual cost of poor patch management is approximately $4.74 Billion dollars.
From a cybersecurity perspective, keeping computers updated is essential for cyber hygiene, and don’t just take it from me; Emma W., Head of Advice and Guidance at the National Cyber Security Centre, stated that “patching remains the single most important thing you can do to secure your technology.” Since Russia invaded Ukraine, the latest recommendation to IT security teams came in the form of CISA’s “Shields Up” notice, designed to “ensure that software is up to date…” but, this should be obvious to anyone working in IT.
Back in 2004, while working for Invisible IT (an IT service provider that was acquired in 2011 by Milestone Technologies, Inc.), my co-founder and Principal System Architect, Sean Maloney realized there were many tools trying to make it easier to manage software and Windows updates, but none of them actually solved the problem for his team or their customers. Software deployment and patch management tools claim today that they “automate vulnerability management,” when they mostly focus only on providing a wide view of the issues and a convenient place to find some helpful patches, without getting into the depth of automation required to solve the problem. Unfortunately, the existing tools on the market require expensive engineering labor and technical training to script complex automations. The rising costs from breaches year-over-year are clear evidence that these tools still fall short for most organizations.
This is why Sean and our product team have spent the past two years bringing valuable hyperautomation to software deployment through a unique implementation of DevOps methodologies, artificial intelligence (AI), and natural language processing (NLP).
So, what’s the point?
Good question. The point is that Microsoft’s Autopatch announcement on Tuesday was the greatest validation so far that there’s a serious amount of pain experienced by IT security teams, business leaders, and users of computers everywhere. There’s vast complexity involved in maintaining Windows and patching vulnerabilities. Thankfully, at a time when it seems virtually impossible to keep up, Aiden’s hyperautomation solution is already bringing a modern, intelligent, and desperately needed new approach to solving this problem once and for all.
Aren’t you worried that Microsoft has created significant competition?
The short answer is no. From what we can tell, Windows Autopatch is an inventive step forward in solving a portion of the bigger problem. In the description of Windows Autopatch, Microsoft is primarily concerned with getting their customers up to more current (and fewer) versions of Windows and Office. While there may be some overlap in our philosophy and approach, we are already solving for many other use cases that are of critical importance to our customers.
To better clarify how Windows Autopatch and Aiden differ, I turned to Sean:
JA: Can you please elaborate on what Microsoft has announced?
SM: Windows Autopatch will attempt to automate the scheduling and approval process for Windows updates, Office updates, and some drivers and firmware. This will help save time when rolling out enterprise Microsoft software for IT system admins, but also requires an enterprise be fully up-to-speed with using Intune as its primary method of deployment to manage computers.
JA: Why is this important when we already have scheduling and approval tools for managing Windows updates?
SM: Microsoft says, “We have analytics that look at pattern changes in the machine health and performance. For example, we have an ability to see when app crashes are increasing in your environment.” This new system promises to automatically halt, and even rollback deployments, based on the performance and predicted impact of the patch or update!
JA: So, how does Autopatch compare to Aiden?
SM: (eyes light up) Imagine this technology applied to all types of deployments for Windows… patches for all apps, drivers, & firmware, new software deployments, OS deployments, and full desired state configuration. I’m excited because this is where Aiden thrives.
JA: Can you help us compare Aiden to Microsoft’s latest innovation from a product strategy perspective?
SM: Well, is their idea to slowly expand a Microsoft-only offering (Windows Autopatch), or will they allow third-party-led expansion through integration opportunities [such as Aiden]? At least at first, they [Microsoft] may get slow adoption with Windows Autopatch because it is limited to Windows and Office updates on Intune-managed devices, which means it does not support most applications, and does not support Windows Server, Windows multi-session VDIs, or traditional AD-only joined devices. Our customers know well that Aiden already supports all the above with ease and proficiency.
In short, Sean and I concur that automation and analytics are the future of managing and securing the world’s computing devices, and we feel Windows Autopatch is an exciting push in the right direction. We look forward to testing out Windows Autopatch and continuing to provide Aiden’s innovations so that IT security leaders get time back in their days and sleep better at night, knowing that their Windows environments are updated and secure.
Patching isn’t enough to remediate vulnerabilities.