Information Security

Operating System and Application Patching

Patching operating systems and applications is a critical security function. All software contains vulnerabilities, and cybercriminals exploit these flaws with malicious code to attack systems. Patching a system protects against malware that exploits these vulnerabilities. The Australian Signals Directorate (ASD) has included Patching Operating Systems and Patching Applications in its Essential 8 strategies. The ASD recommends that extreme risk vulnerabilities be patched within 48 hours, because once vulnerabilities are made public, cybercriminals are likely to quickly develop malware that takes advantage of the flaw. An extreme risk vulnerability might be a remote code execution flaw that affects critical business systems. When we talk about patching operating systems and applications we often think only of client and server systems, but it’s important to also consider operating system and firmware updates for network devices.

Many companies apply security patches to their desktop and server operating systems but not to widely used applications whose flaws are targeted, such as Acrobat Reader and Chrome. In a Windows environment, patching applications is often overlooked because built-in update mechanisms such as Windows Update and server tools like Windows Server Update Services (WSUS) are designed to update Microsoft-only products. Successful patching of common desktop applications will almost certainly involve investing in a third-party tool to manage the deployment of the updates. Ideally this tool should integrate with existing operating system update tools like WSUS or System Center Configuration Manager (SCCM), but it may replace their functionality completely.

For businesses without server infrastructure, perhaps using Office 365 and other SaaS offerings, implementing a cloud-based update tool is a must. Many businesses without server infrastructure have no way of centrally managing updates or even knowing whether a computer is being patched successfully. A good patch management product will ensure that updates to the operating system and applications are deployed in a consistent manner. Visibility is key, and any patching software implemented will need a robust reporting capability. It should be immediately clear where you’re at and what needs to be done. For instance, how many systems are missing a critical security patch?
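As an added illustration (not taken from any patching product, and not part of the original article), the sketch below answers that reporting question against the 48-hour window quoted earlier. It assumes a CSV export with hypothetical column names; the hosts, patch ids and timestamps are constructed sample data.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Patch window for extreme risk vulnerabilities, as quoted from the ASD in this article.
EXTREME_WINDOW = timedelta(hours=48)

# Constructed sample export: column names, hosts and patch ids are made up for illustration.
SAMPLE_EXPORT = """host,product,patch_id,risk,released_utc,installed_utc
pc-01,Windows 10,PATCH-OS-1,extreme,2024-03-12T17:00,2024-03-13T09:00
pc-02,Windows 10,PATCH-OS-1,extreme,2024-03-12T17:00,
pc-02,Chrome,PATCH-APP-1,extreme,2024-03-14T08:00,
srv-01,Windows Server,PATCH-OS-1,extreme,2024-03-12T17:00,2024-03-15T02:00
fw-01,Firewall firmware,PATCH-FW-1,high,2024-03-01T00:00,
pc-01,Acrobat Reader,PATCH-APP-2,extreme,2024-03-15T06:00,
"""

def parse_ts(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M").replace(tzinfo=timezone.utc)

def patch_report(export_text, now):
    """Classify each extreme risk row as ok, late, pending or overdue."""
    report = {"ok": [], "late": [], "pending": [], "overdue": []}
    for row in csv.DictReader(io.StringIO(export_text)):
        if row["risk"].strip().lower() != "extreme":
            continue
        deadline = parse_ts(row["released_utc"]) + EXTREME_WINDOW
        key = (row["host"], row["product"], row["patch_id"])
        if row["installed_utc"].strip():
            installed = parse_ts(row["installed_utc"])
            report["ok" if installed <= deadline else "late"].append(key)
        else:
            # Not installed: still inside the window, or already past it?
            report["pending" if now <= deadline else "overdue"].append(key)
    return report

def hosts_missing(report):
    """Hosts with at least one uninstalled extreme risk patch."""
    return sorted({host for state in ("pending", "overdue") for host, _, _ in report[state]})

if __name__ == "__main__":
    now = parse_ts("2024-03-15T12:00")  # fixed "as of" time so the output is repeatable
    result = patch_report(SAMPLE_EXPORT, now)
    for state, rows in result.items():
        print(f"{state:8} {len(rows)}")
        for host, product, patch in rows:
            print(f"    {host:7} {product:15} {patch}")
    print("hosts missing an extreme risk patch:", ", ".join(hosts_missing(result)))
```

The "late" bucket is worth keeping separate from "ok": a patch that was eventually installed still left the system exposed beyond the window.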

Ensure that you also understand when the vendor regularly releases updates (like Microsoft's Patch Tuesday) and that you are alerted when a critical update is released. This normally involves subscribing to a vendor email notification service. Some patching tools also include built-in security news and notifications, meaning that all patching information is in one place and is summarised in a simple-to-understand format. This of course means that somebody needs to be responsible for managing the patching review and update process. This doesn’t necessarily have to be someone internal to the business; it could be managed by an external resource.

Patching systems can be time-consuming and for this reason is often overlooked, putting a business at risk. Modern patching tools certainly make life easier and are well worth considering if you’re struggling with tools such as WSUS. If you don’t have in-house expertise, outsourcing the patching function to specialists is well worth considering. They will already have robust patching tools in place, have the expertise to troubleshoot update issues and be able to provide you with regular patch status reports.


Colin has over 20 years consulting experience working with organisations ranging from small business to large enterprises. He has consulted in the United Kingdom, Canada and Australia. He specialises in Microsoft based technology solutions, disaster recovery implementations and information security.


4 tips to limit the impact of data breaches on your personal information

Most of us tend to undervalue our personal information. It’s amazing how readily we entrust it to people we don’t even know. Here are 4 tips to limit the impact on your personal data in the event of a breach.

Essential cybersecurity strategies to protect your business

Everyone needs a strategy, right? What are you doing to protect your business against cyber threats, and the real possibility of someone stealing or destroying your data? An attack could come in any number of ways: a data breach and the theft of critical data, or possibly a ransomware attack and the destruction of important files. Many companies, especially in the SMB space, don't even have the security basics in place, and it can be difficult even knowing where to start. It's simply not enough these days to put a firewall and anti-virus program in place and sit back and relax. Believe me, I'd love it if that was the case; I’d be gladly taking a nap right now.

Don't rely on a password alone to protect your online accounts!

Everyone has information that they want to protect and which must remain confidential. These days it’s quite likely that this information sits in an account that is accessible on the internet and is at increased risk of exposure. This information doesn’t have to be in a business account - how about personal email accounts such as Gmail? I know people who live out of their personal Gmail account - the one place which contains every email, document and contact that they have. If their password fell into the wrong hands it would be a disaster, and unfortunately account breaches are now part of everyday life.

Have you secured your Office 365 email?

I’ve been migrating on-premises business email systems to Office 365 for the past few years. Email is often seen as the first logical step into the cloud, a low-risk move. Outlook performs well due to caching, even over slow links, so you get an up-to-date, feature-rich environment with little risk of negatively impacting users.