You’re working on your computer and suddenly a popup alert says your computer needs to reboot to finish installing updates. Google Chrome changes the color of your profile icon in the top-right corner to yellow or red. Another program, when you open it, asks if you want to update because a new version is available. These are all examples of automatic patching by your computer or software that needs you to do something to finish the install. You’re probably ignoring the alerts, either because it’s not a good time or because you’ve ignored them for so long that you no longer notice them. But is this a big problem?
The answer is an emphatic “yes!” Patching is the single most effective way to help keep your IT devices more secure. Most software patches, including those for operating systems like Windows and macOS, exist to plug security holes or fix other bugs. Browsers, office programs like Word and Adobe Reader, operating systems for network devices like firewalls and Wi-Fi routers, and all kinds of other software always have security holes. When companies find and fix them, they roll out a patch that must be installed to close the hole. Fixing those holes removes a potential way for your IT infrastructure to be attacked.
Back in May 2017, the British National Health Service was the victim of a massive “WannaCry” ransomware attack. That attack took advantage of a security hole in Windows that Microsoft had fixed with an update back in March of the same year, at least for their supported versions of Windows (Microsoft ended support for XP in 2014, but many NHS computers still used it). If their computers had been patched with the update, they never would have been vulnerable.
Many regulations that deal with IT infrastructure, like HIPAA, require companies to have a regular patching plan for exactly this reason. It’s also not enough to just say you install patches when your computer asks you to. So what should a small business do?
Patch management software is generally the answer. Such software sits on a computer and regularly checks to see whether the computer and its supported software are patched with the latest patches available. It’s usually fairly cheap, comes with reporting to show whether computers are compliant, and can automatically reboot computers as needed to make sure patches are installed. It’s an excellent first step, but it doesn’t cover everything. Specialized or custom software often comes with a support contract so the company that sells the software will give you updates and install them for you. Network devices aren’t covered by patch management software and must usually be handled manually.
Considering the complexity of making sure all your software and devices are covered, having an IT professional handle it for you is the best way to ensure your company is patched. Forge IT Consulting offers options to keep small businesses covered.