We’re often asked how often systems should be updated and why some larger companies, like Equifax, fall behind and make themselves vulnerable to a billion dollar breach.
KnowIT recommends performing patch management at least every other week and understands this is hard for many small businesses to accomplish on a regular basis.
Why is patching important? It’s a requirement from a security standpoint in order to close known vulnerabilities in your software.
The goal of patching is to prevent security breaches, data loss, data theft, PII and PHI violations, legal penalties, reputation issues, and ultimately protect your business.
There are many reasons why a business of any size might fall behind in patching:
- Older hardware – placing new software on old systems can be a risky move. One of the reasons we encourage a hardware replacement lifecycle plan is to make sure your systems remain safe to patch. It doesn’t take a technology consultant to understand that installing 2020 software on a device from 2012 won’t produce the consistent results you’re looking for in the long run.
- Fear of downtime – even when updates run smoothly, they still take your staff away from their computers for a given amount of time. If you have someone in-house that is managing your updates and is on the same work schedule as the entire team, that person might be trying to run updates during business hours (or flex their schedule to accommodate). When you work with a trusted technology partner like KnowIT, we complete the updates on a regular basis, outside of your normal business hours, with no additional fees.
- Overwhelmed by number of updates – whether it’s about playing a game of catch-up (because pesky Microsoft sends out new updates weekly and maybe you’re a few months behind!) or the constantly increasing number of applications needing updates (especially if you’ve found yourself downloading more video conferencing software this year!), we can take it over and have patching your systems be on our plate, instead of yours.
- Lack of priority and understanding – some companies may not have a dedicated IT person, or the one that fulfills that role may also play a number of other leadership hats. Teams may be on an “update your device at your own leisure” or “please do it when it says to, but we won’t enforce it” loose verbal (or half-heartedly written) policy. We don’t know what we don’t know until we know it, and sometimes patch management is one of those topics people don’t think about until after a security breach, when they’re looking to tighten the ship.
Patch management is about closing the vulnerabilities before they are exploited. The more conssitent you are with patch management, the more consistent your network will behave.
Reach out to us at 888-603-8280 to learn more about how we can help you have better technology experiences through regular patch management.
https://deltarisk.com/blog/we-dont-need-no-stinking-patches-why-organizations-dont-patch/
https://itsupportguys.com/it-blog/importance-of-patch-management-to-avoid-business-vulnerabilities/