In this multi-part series, we’ll look at what organizations can do to improve corporate cybersecurity as part of October’s Cybersecurity Awareness Month. In this blog, our focus is keeping your software up to date.
Updating software may seem like an obvious thing to do continuously, but it’s often ignored when things “just work”. Most people either don’t want to take the time to do it or don’t want to wait for maintenance windows to perform the upgrades. As a former software engineer, I know new software comes with known features and bug fixes and probably some new bugs as well. However, it’s still a good idea to do the upgrade, especially when there is a known bug that is creating issues or there are fixes for known vulnerabilities.
As an end user, you should plan to upgrade your mobile device(s) as well as your laptop(s) and other computer systems. Both can be done automatically, and this is recommended. In some instances, you may want to wait for your organization’s IT department to let you know when an upgrade is recommended. This is mostly because IT will want to test the new software to ensure that it doesn’t break any existing applications.
As an IT administrator, you’ll want to keep an eye out for software updates for everything from your network devices to your end user devices. If you have support contracts, you’ll most likely get notified of new software releases, and you should go through the release notes to see what new features came in, what new bugs were introduced, and what existing bugs were fixed. In some cases, an ISSU (In-Service Software Update) is available, which will help ensure zero to minimal downtime. In network devices that support ISSU, the backup device is upgraded and then a failover is triggered. Then the previously active device is upgraded, the passive device relinquishes active status back to it, and your active-passive cluster is upgraded with no downtime. For SaaS applications, the upgrades are automatic, and the only thing needed is to make sure you understand what’s in the latest update. The update may include some cool functionality that will make your organization more productive or secure.
Some vendors provide RSS feeds that include information on vulnerabilities along with information on fixes and software updates. As an IT administrator, you should have an inventory of the software used in your organization and should continuously track devices that need to be upgraded. With EDR and MDM solutions, you will be able to track end user devices, and you should create policies that require devices to meet specific software version levels to gain access. If a device is running compromised software, including the Operating System (OS), that system may be used to breach your corporate network.
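One way to enforce the minimum-version policy described above, as an added example that is not part of the original post: the device names, product names, version numbers and the `MIN_VERSIONS` table are constructed for illustration. It compares versions numerically and denies access when a version is missing or unreadable.

```python
import re

# Constructed policy: minimum version each inventoried product must run.
MIN_VERSIONS = {"os": "14.6.1", "browser": "128.0", "vpn-client": "5.10"}

# Constructed inventory records, shaped like an EDR/MDM export.
INVENTORY = [
    {"device": "laptop-01", "software": {"os": "14.7", "browser": "129.0.2", "vpn-client": "5.10"}},
    {"device": "laptop-02", "software": {"os": "14.10", "browser": "127.9", "vpn-client": "5.9.3"}},
    {"device": "phone-07", "software": {"os": "14.6.1", "browser": "128.0"}},
    {"device": "kiosk-03", "software": {"os": "unknown", "browser": "128.0", "vpn-client": "5.10"}},
]


def parse_version(text):
    """Turn '14.6.1' into (14, 6, 1); return None if it is not dotted numeric."""
    if not isinstance(text, str) or not re.fullmatch(r"\d+(\.\d+)*", text):
        return None
    return tuple(int(part) for part in text.split("."))


def is_at_least(installed, required):
    """Compare numerically, padding so '14.7' and '14.7.0' are equal."""
    a, b = parse_version(installed), parse_version(required)
    if a is None or b is None:
        return False  # fail closed on versions we cannot interpret
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)) >= b + (0,) * (width - len(b))


def evaluate(device, policy=MIN_VERSIONS):
    """Return (allowed, findings) for one inventory record."""
    findings = []
    for name, required in policy.items():
        installed = device["software"].get(name)
        if installed is None:
            findings.append(f"{name}: not reported (requires {required})")
        elif not is_at_least(installed, required):
            findings.append(f"{name}: {installed} below {required}")
    return (not findings, findings)


if __name__ == "__main__":
    for record in INVENTORY:
        allowed, findings = evaluate(record)
        print(record["device"], "ALLOW" if allowed else "DENY", "; ".join(findings))
```

Comparing the raw strings would rank "14.10" below "14.6.1" and wrongly block an up-to-date device, which is why the versions are parsed into integer tuples first.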
This concludes our Cybersecurity Awareness Month series. Continue to visit our blog site to learn more about deploying a modern Zero Trust Network Access (ZTNA) solution.