start portlet menu bar

HCLSoftware: Fueling the Digital+ Economy

Display portlet menu
end portlet menu bar
Close
Select Page

Don Moss isa Technical Advisor on the BigFix team. Don began using BigFix in 2012 when he was employed at LANDesk, now known as Ivanti. Before joining HCLSoftware, Don worked at IBM Security as a Security Solutions Architect & Cyber-Security Engineer.  He shares a recent story about why one of his clients who replaced Microsoft Configuration Manager™, often referred to as SCCM, in favor of BigFix.

Many clients are often overwhelmed with endpoint management activities. The plethora of patches across many versions of operating systems keep most IT operations and security organizations very busy. Windows is the predominate operating system and Microsoft Configuration Manager (also known as SCCM) is the most common management tool for patching the Windows OS and Microsoft Office. CIOs implement SCCM because it is ‘free’ since it is packaged with Microsoft Enterprise License Agreements. Unfortunately, there have been a history of issues and some are still plaguing that solution. As a result, BigFix is helping organizations improve their patching and compliance operations. In this blog, I will explain why one of my recent clients decided to replace SCCM with BigFix.

My client is a manufacturer, marketer and distributor of consumer and commercial products with offices and plants in the USA, Latin America, Europe, the Middle East, Africa, and Asia. The company employs about 50,000 people across these geographies, requiring 24×7 endpoint management operations.

HCL learned that IT ops team was getting beaten up by security ops because they found missing patches during their vulnerability scans. The BigFix team was asked to help ascertain the truth. In the side-by-side comparison on a select group of servers, SCCM reported 70-90% compliance while BigFix reported 40-50%. In a deeper investigation, BigFix found missing patches from 5-6 years ago as well as patches released in the past three months!  IT ops and security ops validated the accuracy of BigFix’s patch findings.

Next, my client challenged me to produce the automated reports using BigFix that company executives wanted but were not able to get from SCCM in a timely fashion. For example, IT ops often found that after six hours of patching, SCCM showed an ‘unknown’ patch status for most endpoints. Even after more than eight days, a complete patch status report was still unavailable from SCCM. In a similar test, BigFix was able to show near-real time patch progress within minutes. I was able to show the breadth and width of BigFix reporting and demonstrate to the CIO and CISO that their custom reporting needs could easily provided by BigFix.

BigFix’s return on investment (ROI) was not even questioned because it was clear that BigFix’s efficient patching capabilities would improve their overall security posture over what SCCM was delivering. Since most security incidents are caused by known but unpatched vulnerabilities, having endpoints with missing patches was too great of a security risk than the company could afford. BigFix could confidently show and demonstrate to the executives that all endpoints (including roaming laptops) are patched, regardless of location, connection or status.

The POC was so successful, my client asked to extend the POC so they could continue to patch vulnerable servers while they expedited the purchase order. By doing so, my client simplified patching and improved their defense against cyber-attacks.

Are you finding missing patches in your vulnerability scans? If so, contact the BigFix team and request a demonstration.

Comment wrap

Start a Conversation with Us

We’re here to help you find the right solutions and support you in achieving your business goals.

Automation | August 2, 2024
Black Friday for IT: CrowdStrike and Microsoft Windows Outage
Global CrowdStrike outage disrupted businesses, airlines, healthcare, and more. Learn how to prepare for IT crises and ensure business continuity with HCL BigFix.
Automation | July 1, 2024
HCL BigFix Remediate Now on AWS Marketplace!
HCL BigFix Remediate is now on AWS Marketplace! Effortless integration, enhanced security, and scalable solutions for vulnerability management.
Automation | March 30, 2024
HCL BigFix: RBI Compliance Made Easy for Banks
HCL BigFix simplifies RBI compliance for banks. Patch all devices, manage software, and protect against vulnerabilities. Learn how HCL BigFix secures your financial data.