The Importance of ITSM for Patch Management
Patch Management

IT service management (ITSM) is the body of policies, processes, and procedures by which an organization designs and delivers IT services to its customers. With its strong focus on providing a superior end-user experience, ITSM concerns itself more with process than technology, with prevention versus “fire-fighting”, and with being proactive rather than reactive. ITSM has a strong service orientation and a holistic understanding of how customer or employee IT services contribute to business outcomes.

Product suites are available to support the full range of ITSM activities. At the core of the ITSM suite is a ticketing system through which end-user issues are reported, tracked, resolved, and documented as part of a growing knowledge base. According to Markets and Markets, the cloud-based ITSM software market was worth $4.41 billion in 2016 and is forecast to double to $8.78 billion by 2021. One of the key drivers of this growth is the incorporation of advanced technologies, such as machine learning, predictive analytics, AI-driven chatbots, and blockchain, into ITSM solutions. Some of the biggest names in the ITSM market are ServiceNow, Atlassian (Jira), BMC Software (Remedy), CA Technologies (CA Service Management), and Hewlett Packard Enterprise (Service Manager).

In this blog post, we discuss the crucial role that ITSM plays in upholding an organization’s defined processes and best practices for better business outcomes. We also explore the relationship between ITSM and patch management.

What Is ITSM and Why Use It?

ITSM is closely linked to the Information Technology Infrastructure Library (ITIL) — an industry-recognized certification framework for establishing IT service management systems that support business transformation and growth. As per the ITIL approach, ITSM teams strive to rightsize and manage IT resources in a way that achieves acceptable levels of IT service availability and continuity. ITSM suites, such as ServiceNow, BMC Remedy, and even Jira, typically provide support for the key IT service areas covered by ITIL, which are:

  • Configuration Management, including a configuration management database.
  • Change Management, including rule-based workflows for prioritization and ownership.
  • Release Management, including testing and verification of all changes prior to deployment in production.
  • Incident Management, for restoring disrupted service(s) with minimal downtime.
  • Problem Management, including root cause analyses of incidents to proactively preempt further disruptions.
  • Service Desk, which is the central point of contact between end-users and IT.

Given the strategic nature of ITSM implementations, ITIL specifies a structured five-phase model to be followed when introducing or upgrading an IT service:

  • Assess the current state and set quantifiable objectives for the desired state.
  • Architect and develop a mature design for the desired state.
  • Plan the process and cross-organizational resources required to achieve the desired changes.
  • Implement and deploy the process with the support of all stakeholders.
  • Follow up with ongoing support and improvement of the service.

In order to achieve and manage a company-wide, service-oriented ITSM framework, the ITIL  outlines five separate and distinct perspectives that should be taken into account:

  • People: Making sure you have the necessary expertise and knowledge.
  • Process: Matching practices, procedures, and guidelines to the ITSM goals.
  • Technology: Onboarding the software and hardware technologies to support the ITSM process.
  • Organization: Defining the interface between the ITSM team and the rest of the organization within the context of corporate culture.
  • Integration: Ensuring that the ITSM framework is tightly integrated with the organization’s business model and IT capabilities.

Now that we better understand what ITSM is, the question remains if its benefits outweigh the resources and effort required to establish and maintain an ITSM framework. Generally speaking, the benefits that a company can expect to gain from ITSM are improved operational efficiency, enhanced customer service, and reduced downtime due both to rapid times to remediation as well as predictive intelligence to preempt disruptions.

On a more quantitative note, from a 2011 empirical study on the impact of ITSM frameworks that is still cited frequently, we learn that close to 60% of the companies that have implemented ITSM have improved the quality of their IT services, a little more than half have been able to standardize processes, and 43% have seen improvements in customer satisfaction. A little more than one-third of the companies also reported that they have reduced their IT downtime and strengthened the alignment of IT with core business activities.

ITSM and Patch Management

In the realm of ITIL best practices, patch management is considered critical to upholding ITSM objectives in the following ways:

  • Bug fixing, to improve the stability and performance of customer-facing IT services.
  • Managing security vulnerabilities, to protect systems and data from unauthorized access that can disrupt services or endanger sensitive data.
  • Feature enhancement, so that end users can benefit from improvements to home-grown or third-party software and firmware.
  • Staying aligned with vendor support by upgrading to more recently released versions.

In order for patch management to best serve your overall ITSM goals, it is important that your patch and ITSM tooling be tightly and seamlessly integrated. ITSM helps enforce the patching process, making sure that the relevant teams are aware of and approve the content and the timing of the patching. In other words, ITSM is the framework for upholding the what, when, and how of the patching process. Some examples of the synergies that can be created are:

  • Inventory management: If your patch tool has auto-discovery capabilities, it can then share its inventory of IT assets to be monitored with the ITSM framework. If not, then the patch tool will get its list of what to monitor from the ITSM platform.
  • Prioritization: The patch tool scans for vulnerabilities and patches. The ITSM framework provides business-oriented Change Management policies and guidelines based on a deep understanding of the risk and impact of not deploying a patch for any given IT service.
  • Release management: Your ITSM Release Management policies and processes can let your patch tool know what steps should be taken to test patches prior to rollout and when the optimal windows are for deploying patches with minimal disruption.
  • Tracking changes: The patch tool can trigger the appropriate ITSM Configuration Management processes to record the changes that were made.

How JetPatch Can Help

JetPatch is an end-to-end patch management and vulnerability remediation platform that addresses patching as a holistic process, This process must be as automated as possible yet carefully governed. In order to ensure that all the relevant stakeholders are integrally involved throughout the patch management process, JetPatch is tightly integrated with leading ITSM platforms. For example, you can

Working closely with ITSM platforms, JetPatch can:

  • Fully and automatically discover all relevant servers, OSes, and apps to be monitored, eliminating potential patch blind spots.
  • Establish and uphold corporate patching governance policies and processes, managed through a governance dashboard.
  • Define and execute automated patch rollout workflows via server groups and maintenance windows.
  • Accelerate patch testing-staging-production cycles.

JetPatch architecture and ecosystem

Schedule a demo today to see how JetPatch can integrate into your IT management stack and automate your patch process.

Todd Kirkland
Todd Kirkland
schedule demoORlearn more
Start Patching the Right Way