Patch Management and Security
Patching Is Just Part of the Security Solution
Dave Koopmans, Solutions Engineering Manager, Scantron Technology Solutions
Patching is a mandatory part of good IT practice. So much is said about patching that unfortunately many people think that if they are patched, they are secure. This couldn’t be further from the truth. Patching is just one step in the process.
First, let’s understand what patching is. When a software provider (Microsoft, Adobe, Oracle/Java, for example) finds a bug or vulnerability in their software, they write a patch and deploy it through the normal methods of updates. A vulnerability is something that can be exploited by malicious code such as a virus.
Viruses versus Malware – The Basics
Viruses are invasive scripts that infiltrate your systems through weaknesses in the system. When our systems are up to date, there is less chance of a virus exploiting that code and gaining access to your system or altering your system.
Malware, on the other hand, is malicious software that does not take advantage of a vulnerability of the software, but rather you, the end user. Click on a link or download a program, and that program acts like any other application on your system: it can request the system do things like encrypt files, send emails, or capture key strokes, none of which are because of any software vulnerability.
This is why having only antivirus protection is inadequate. Viruses and malware have evolved significantly, to the point where malware has surpassed viruses as having the greatest impact on an organization, because they offer a greater incentive to malicious coders.
Viruses, while very annoying and destructive, historically have rarely netted a hacker any money. There was no way to monetize a virus other than to sell corresponding antivirus software.
Malware, on the other hand, originally simply flooded people’s systems with ads or spam; the incentive was micropayments for advertising clicks. Today, malware has evolved to ransomware, which typically will encrypt all of your files, then charge you a “ransom” in Bitcoin that must be paid within a day or two in order to decrypt your files, to make some real money. There are actually free ransomware applications on the internet.
The Components of a Strong Security Model
So what is an IT manager to do? There are a few basics.
- Professionally managed patching is critical, so that Microsoft and all your third party updates are taken care of and verified.
- Deploy and manage antivirus and anti-malware solutions. Using the latest technology (read: not the free stuff) will protect against a larger array of infections.
- Get expert help. Updating patches yourself may lead to failed patches that go undiscovered. Sometimes, patching doesn’t happen at all.
- Educate all end users – anyone who uses email and/or the internet – and your leadership team. Because patching and antivirus applications can’t prevent malware.
Education Is the #1 Component of Security
Malware, especially ransomware, could cost you your entire business. Ultimately, it is up to you and your end users to know what malware is. Users should be suspicious of unfamiliar email attachments and installation dialogues, and always question the validity of email, phone calls and text messages.
Assume that odd phone call from “Microsoft” is a hacker with malicious intent. Neither Microsoft nor any other software vendor will contact you to tell you, “Your PC has a virus.” Microsoft does not make evening calls telling you, “Your PC is hacked.” And that pop-up telling you, “Your system has 1,237 viruses, Scan Now,” is lying to you.
Patch, patch, patch, manage your antivirus and anti-malware, and trust no one. Oh, and have a nice day!
Use one highly accountable vendor to handle your IT security, support and network management. Customers who subscribe to our affianceSUITE managed IT services for SMB use one point of contact to handle virtually any IT issue. Concentrate on your business and move out of reactive mode!
Contact Scantron to evaluate your organization’s IT support requirements.