Technology advances at a seemingly exponential rate. With these advances in everything from operating systems to applications to the Internet of Things, software vulnerabilities also increase. We are constantly introducing more and more electronic devices with more and more vulnerabilities into our daily lives, both at home and in the office. While many systems run some form of antivirus software, malware still impacts organizations that have AV software deployed.
I've worked for companies where computer virus outbreaks resulted in revenue loss as systems needed to be taken offline for remediation. I've also consulted at companies where active security intrusions were stealing company data. Unfortunately, these stories are nothing new and we likely haven't seen the last of them with malware such as Crypto variants taking advantage of poor security at the endpoint.
You may have read about or heard of various security breaches in retail, government and other sectors (Yahoo, Target, Home Depot, Verizon, etc.). While computer security breaches have really gained momentum within the last 30+ years, ancient stories show us that exploits in security have been either contemplated or carried out repeatedly. The Trojan horse used by the Greeks exemplifies payloads intended to do harm that we bring into our own networks. A modern-day example of this could be a weaponized USB flash drive left outside a corporate parking lot for an unsuspecting employee to pick up and plug into a network device. Similarities could be drawn between today’s attacks through software vulnerabilities and the secret pathway exploited by the Persian army to attack the Spartan soldiers from the rear at Thermopylae Pass.
In retrospect, almost all of these attacks and exploits are preventable. While it can be said that hindsight is 20/20, almost every attack/outbreak exploits a known vulnerability. The details of these known vulnerabilities are used by the "bad guys" to take advantage of weak security practices in place at many organizations.
IT professionals have the power to close these known vulnerabilities by installing security patches made available by software vendors. We as IT professionals are tasked with preventing these occurrences from taking down business operations, protecting the business data and teaching the end users security best practices. When these widely publicized breaches are analyzed, the root cause is somewhat surprising. Over 95% of security breaches originate at the endpoint. Securing the growing number of endpoint devices that are both inside and outside of the corporate network is becoming more and more challenging. With the median time to detect an intrusion at 205 days, this leaves a wide attack vector and plenty of time to do damage.
Patch Management for devices with access to company data and channels is a critical step to securing your environment. The “weakest link in the chain” cliche is a perfect way to describe the challenges of securing most networks. In order to close the gap, we must patch the known software vulnerabilities and do this on every device possible. Yesterday's strategies of dealing with these challenges are not designed to work for today's threats and landscape.
As devices grow in number, a more automated patching strategy will be necessary. Take a look at the US-CERT data and you will find that Microsoft Windows (at one time having the most software vulnerabilities) is steadily leaving the top of the vulnerability list. It's other software such as Java, Adobe Flash, Apple OS X and Google Chrome that now tops the list. Threats are taking advantage of these vulnerabilities in software to infiltrate your systems and your networks. It's not only the Windows operating systems that have to be patched, but also the Apple devices and other third-party applications.
Quest Software’s KACE Systems Management Appliance can be used in a "set it and forget it" approach, reducing the time IT admins need to dedicate to securing endpoints. The software vulnerabilities that exist on Microsoft Windows and Apple macOS, including third-party software applications, can be patched on a repeatable schedule. Find out more about how to secure your environment with KACE and critical tips for effective patch management.