We have long extolled the importance of ‘patching’ as a key weapon in your cyber-security arsenal. For those unfamiliar, patching is the term used to describe updates issued by vendors, commonly to fix or ‘patch’ newly discovered security vulnerabilities in their product. As an IT Support provider, we take care of patching for all of our IT Support customers in Glasgow, Edinburgh and throughout the UK. We make sure the patches are applied soonafter release (to use an obvious proverb “a stitch in time saves nine”). So, our IT Support customers have peace of mind that that aspect of their cyber security is covered. However, patching is easily overlooked and can create risk within your systems which can be exploited in years to come, when the patch issue itself is nothing but a distant memory. A recent report by Bitdefender states that in the first 6 months of 2020, a shocking 64% of unpatched IT vulnerabilities dated from between 2002 and 2018. This means that the organisations have been exposed to potential cyber attacks for an extraordinarily long period of time. Don’t let this happen to you! Speak to one of our IT Support Consultants about our managed patching services and other cyber security products we offer to reduce the risk of a cyber attack.
It is worth noting that patching is one of the 5 key cyber security controls addressed by the Cyber Essentials scheme. It is a cyber security basic which businesses shouldn’t get caught out by – but time and time again they do. This is because, although it is a basic cyber security control, it isn’t easy to do. A failed patch roll out can be as damaging as a cyber attack. so you need to get it right.
The problem with patching
Patching effectively depends on you having accurate knowledge of the content of your IT estate. Over the years hardware and software is often added in a piecemeal fashion with managers losing sight of all the pieces that make up the puzzle of their IT infrastructure. This can cause serious problems when applying patches. You need to know what systems you have and how they work together. The first step is to compile an accurate IT Asset Register and put in the work to ensure it is kept up to date, enabling you to manage your IT assets. We do this for all of our IT Support customers in Glasgow & Edinburgh. Be mindful that vendors don’t issue patches for their product when it is ‘no longer supported’ (often by 5 years after issue). Which is yet another reason to ensure your IT Asset Register is up to date and your IT estate is managed – unsupported technology introduces unnecessary risk.
However, the task of patching can be time consuming. Even now, some patches need to be applied manually and you will usually want to test the patch before a large roll out to make sure it doesn’t cause more IT problems than it fixes. A good IT Support provider will do all of this for you and make sure your patching strategy works.
Why don’t you speak to one of our IT Support consultants today about the package of cyber security products which best suits your need?
