If you’ve been following the news, you may have heard of the most recent WannaCry Ransom and Malware outbreak affecting more than 50 countries and tens of thousands of computer networks and systems from small businesses to large corporations such as FedEx and Nissan. Those systems were compromised due to a security vulnerability in Windows XP and Windows 7.
The interesting and alarming part is not that there was a vulnerability in Windows, but that Microsoft knew about the vulnerability and had already patched it in a recent Windows update. How it is then that thousands of systems were still compromised?
Lack of effective patch management. The affected companies and systems hadn’t applied the patch. Why?
As a consumer, it’s easy to run those Windows updates when they pop up and there is little risk, however the complexity of patching increases when you’re dealing with a corporate computer network. There are simply too many machines and too many programs for you to patch programs manually. You also can’t just enable patches to be installed automatically whenever they’re available. That’s because some patches are more important than others, and patches still represent a risk to your network. A patch might actually break or cause issues with a mission critical corporate application.
Typically for larger companies, you need to have someone or a team in charge of patch management. One of their first goals is to be immediately aware whenever a patch is available. They also have to know whether the various patches are relevant for your computer environment and which are most important as well as which one might cause issues. However, for small and medium businesses this is near impossible and unaffordable.
For those small and medium businesses, utilizing an effective patch management software and service is the affordable and reliable option. For a small per machine cost, you get an entire team of experts monitoring patches, vetting them for issues, and pushing out the most important security updates in a timely manner to protect your business.
Anti-Virus and other anti-malware products are only part of an effective strategy. That strategy should always start with patch management.
Microsoft announces price and term changes for Office 365
Hackers are constantly evolving, exploiting new vulnerabilities, and dwelling in small business environments—until they encounter EDR.