As we’re seeing every week, attacks have become more sophisticated, fast-spreading, and costly. IT security is of increasing concern for company executives and the customers. After widespread data breaches such as the Equifax hack, consumers are more closely scrutinizing the security of services they use which have access to personal information such as credit card details, contact information, and social security numbers.
One common thread that has come to light in the past year or so is the preventable nature of many of these costly security incidents. Ransomware WannaCry and Petya, the Equifax breach, and several other high-profile attacks have all been a result of unpatched known vulnerabilities. If patches had been applied in a timely manner, the organizations that were successfully targeted by these attacks would have been secure and protected.
Despite a relatively simple fix that would have prevented many of these security incidents, patching has a reputation as being time-consuming and burdensome, and is often not prioritized by security and IT departments. Instead, too often we see a fire-hose approach, with a focus on immediate security threats and active attacks. This approach is rarely fully effective, as it has been found that security teams can only investigate 56% of the security threats they receive, leaving 44% unresolved. Even companies with firewalls and other security measures in place need to be more vigilant about patching hygiene, as employee mistakes or system misconfigurations can still allow malware to enter a network and exploit unpatched systems.
Regularly checking for and applying patches within days of release should be an integral part of any company’s security measures. Staying up to date on patches for operating systems and 3rd party applications is the only way companies can fully prevent attacks based on known vulnerabilities. Failing to apply patches in a timely manner leaves systems and data at risk, sometimes for months or even years.
It has been found that 50% of Windows operating systems are running outdated versions, while 40% of Apple devices are not updated, meaning they are susceptible to attack long after security patches were available. In order to ensure patches are applied quickly, companies must have a regular process in place for checking for, testing, and applying patches to all systems. Once this process is in place, you can be confident in your patch status, freeing you up to focus on other priorities.
Patching manually is a losing proposition. To keep up with the number of new patch releases and ensure every endpoint is kept current requires too many resources. If you break down the number of hours spent on patching by the average hourly rate per person, you’ll quickly see that automation is the answer to your patching challenges.
Cloud based solutions like Automox can automatically check for and apply patches across all operating systems and 3rd party software applications. Automox provides full visibility into infrastructure security from a single dashboard, including remote and cloud-based servers and workstations. As long as the endpoint is connected to the internet, Automox can patch it.
To see how Automox can improve your security position, sign up for our free 15 day trial. You’ll have full platform access, no endpoint limits, and no credit card is required.