To 'patch' a thief..

To patch a thief

When you take your car into the garage to be fixed, you don’t expect to have to install the new part yourself. So why is it different in the IT industry where users are expected to install patches and upgrades to keep their software, hardware or apps up to date?

Microsoft provides Windows Server Update Services (WSUS) and System Centre Configuration Manager (SCCM) to effectively ensure Windows is patched, but with 86 per cent of security vulnerabilities coming from third party applications, are you confident that you are protected from unpatched systems? Patching applications such as Java, Flash and other Adobe applications is reliant on end users, which isn’t perfect as they often forget, are lazy or don’t see it as a top priority.

Many companies focus on patching critical vulnerabilities, however when 99 per cent of security breaches in 2015 had a patch that was more than a year old available, and Gartner predicts that this will still be the case by 2020, the focus should be on ensuring all vulnerabilities in your environment are remediated.

Don’t become a victim of ransomware

Software patching helps to keep your systems secure and has been identified as one of the ways to prevent being a victim of ransomware. A UK Government scheme introduced in 2014 lists patch management as one of five key controls to help organisations achieve improved cyber security protection. The Cyber Essentials scheme reported that 95 percent of companies that completed the certification under the Assurance Framework, which is part of the scheme, didn’t experience a security breach since certification.

But that’s only part of the solution: ensuring your business’s software systems are up-to-date is another key piece of the puzzle. Matrix42 offers a tool called Matrix42 Physical, which enables optimised deployment and management of physical workspaces through client management.

Not taking action is not an option: recently, ransomware has seen a spike in popularity as a method of attacking businesses with nearly 40 per cent of all businesses hit in the past year, according to research from computer security firm Malwarebytes. Today, we must do everything we can to protect ourselves from unnecessary vulnerability.

Keeping your software up to date and, applying software patches manually is neither time efficient nor practical and if you don’t have a comprehensive approach at a corporate level, then you are leaving yourself open to attack. And that’s the last thing any organisation wants.

So if the issue is widely reported and the government and industry analysts both recognise patching is the remediation to the problem, why do we continue to see news reports of ransomware and other malware attacks week after week?

One of our customers told me recently about how they were a victim of ransomware.

A cautionary tale

He said his company was taken hostage by hackers that embedded a Trojan in their machines, locking them out of key systems and taking them offline so they weren’t able to send emails, share files, or print anything. The message they got was to pay a fee and they would be sent a key to unlock the systems.

In the midst of all of this, however, he said the most difficult thing was knowing who to call. It’s kind of like being in a car crash – the most important thing when you crash your car, other than passenger safety, is how you get to where you’re trying to go now that your mode of transport isn’t available. This is where the role of the service desk comes into play.

Taking the “ransom” out of ransomware

That’s why the service desk often gets most of the heat in these situations – because they are in this position to communicate, they have to broadcast to the company’s users that there’s been an incident, track what’s been done about it and deliver the service work to fix the problem.

While Matrix42 isn’t a data back-up and security company, our tools are the glue that binds the services and resources to outages that occur. They equip the business with a globally centric IT service management support desk and the tools they need to recover their environment. This can be particularly useful as the advice in most of these cases is to wipe everything and start over. But to do that, the organization has to have a complete and up to date back up. Most security companies advise not to pay up to those holding their data at ransom, but in some cases, companies decide to do so as the effort of recovering the data will end up costing them anyway.

Making patching easier

Patching isn’t all that straight forward, especially without a dedicated tool. A lot of larger businesses use SCCM, which leverages the WSUS content from Microsoft, and it’s easy to see why: it’s scalable, robust and a lot of time, comes free with Microsoft’s enterprise package. That’s all well and good for the Microsoft applications and OS, but, as mentioned above, when over one-third of patches required are for third party applications, it’s hardly the compliance tick in the box teams may think.

Having the right service management tools in place won’t prevent these threats from happening altogether. However, with effective patch management and routine software updates to guard against the threats in the first place, and then worse case, should the threats become a reality, these tools help companies to get back online and in business quicker.

By keeping on top of patch management and software updates, businesses can ensure that their best line of defense is having good offence.

Talk to us at Matrix42. We've got solutions which can help your business in these areas.

smarter workspace - better life

matrix42.com