Security Patches — The Better Way to Update

Updates often come at the worst moment. You go to shut down your laptop to rush to a meeting, and you get a “Windows is updating. Do not power off” message. Argh!

Or you leave your desktop to go to a meeting and come back to find your computer has restarted in your absence. Those unexpected bug fixes and performance improvements lost you all your unsaved work.

You know updates are important. They help patch security flaws. These are the vulnerabilities that hackers love to exploit. Updating helps you keep business documents and data safe. Software updates can also add new, useful features and remove outdated ones. Plus, keeping software and systems up to date is good cyber citizenship. Security patches protect from attacks that could also impact employees, customers, and partners.

Updating is a pain but oh so important

The WannaCry ransomware attacked hundreds of thousands of computers in more than 150 countries. Among those infected were the UK National Health Service, FedEx, Telefonica, the Russian Interior Ministry, and more, all because people (and companies) weren’t keeping their computers updated. The later Petya ransomware preyed on the same vulnerabilities, despite the publicity around WannaCry and Microsoft having already released a patch.

Still, people don’t bother updating. According to a Skype survey, 40% of respondents didn’t update their machines when prompted, almost 25% required a second prompt. Nearly 45% worried that installing the update would weaken their computer’s security.

And keeping Windows up to date isn’t enough. Cyber criminals aren’t stopping there, so you can’t either. You also need to be patching third-party applications such as Java or your Adobe suite. More employees are also bringing their own devices to the workplace. Overlooking security updates for these entry points is like leaving a window wide open and expecting criminals to walk by.

Equifax’s failure to update a Java virtual machine proved costly. Hackers accessed over 145 million credit reports in 2017. The company lost more than $5 billion in market cap, and the CEO lost his job.

Businesses need a better way to keep your software security patches current. Here’s help.

Keeping security patches current, conveniently

Avoid the inconvenience of the “Update Now” interruption by setting up automated patching. Patching all your computers or different device types can be time consuming.

Determine when downtime won’t be as disruptive, and schedule patches for that time frame. This lets you update an entire department when they aren’t there, or patch individual computers around the employee’s schedule. For instance, if your accountant comes in only on Tuesdays, you wouldn’t patch that computer that day.

This approach also creates a consistency your employees can plan around, which allows them to manage all security updates without you having to lift a finger.

To do this, you can outsource the patching to a managed service provider (MSP). The MSP installs remote monitoring and management (RMM) software to manage all security updates without you having to lift a finger.

The RMM software gives your IT partner visibility into your business technology. They’ll track your hardware, software, and network environments to keep ahead of issues. This sets your business up to respond faster to any events.

Using the RMM, the MSP can automate software patching and OS updates to reduce the hassle. The RMM can be cloud-based or on-premises (requires onsite hardware investment).

Conclusion

Automating or outsourcing software updates can improve your security and compliance. Your employees enjoy new features, extended support, and access to the latest technology. A reliable, secure system can improve stability, speed processes, and drive increased productivity.

Get expert help determining patching priorities, or partner with an MSP to install RMM and monitor and resolve issues remotely. Give us a call at 508-617-1310.

CyberSecurity Services