If it seems like keeping your business protected from cyberattacks has become more difficult since the pandemic, it is not your imagination. Cybercrime of all types has been on the rise and includes everything from cloud jacking to ransomware attacks.
Cloud attacks were up 630% in 2020 and ransomware attacks were up 485%. These and other types of online attacks take advantage of unpatched system vulnerabilities.
For example, a new strain of ransomware that hit the Microsoft Exchange server this year exploited unpatched vulnerabilities in the software code. Companies that don’t keep up with software and firmware updates often end up paying the price as soon as an exploit is introduced into their network by phishing, a malicious website or another method.
Many companies use managed IT services to ensure that their devices are being updated properly. Those that don’t use these services may end up being victimized even long after a patch has been released to fix a known code flaw.
What is the Difference Between Patches & Updates?
Both updates and patches are equally important to install on your devices. You will often hear the two words used interchangeably. However, they are not quite the same.
Patch
A patch refers to a security patch that is designed to fix a specific flaw in a code that makes it vulnerable to hackers. Patches can be issued alone or along with other code updates inside an “update.”
You might also hear a patch referred to as a “security update” which indicates that an issue was so important that only the security patch was issued instead of it being grouped with other code in a pre-scheduled update release.
One recent example of this is the security update Microsoft released at the beginning of July for Windows. A security flaw dubbed PrintNightmare was found in the Windows Print Spooler service that could allow an attacker to install programs, delete data and gain full user rights.
If you haven’t already installed this update, you should do that now to ensure that your PC is protected.
Update
An update can include security patches. However, it will also typically include other code designed to update your OS or software for a variety of reasons including bug fixes that are not security-related and to add new features.
Updates can contain any or all of the following:
- Security patches
- New features
- Bug fixes
- Compatibility enhancements
What Should You Be Updating?
There are three main areas of a device that should be receiving regular updates to ensure your technology ecosystem is secure.
Operating System
A PC or mobile device operating system has a lot of code that can be exploited by a hacker to take over your machine if they find a weakness. Operating system updates come regularly and you will usually be notified through a popup on your desktop.
Mobile devices usually don’t have updates quite as often. However, those Android and iOS updates are just as important. In 2020, 53% of surveyed companies experienced a major data breach that originated from a mobile device.
It is important to install operating system updates in a timely manner to ensure that your endpoints remain secure.
Software & Apps
Software and app updates can be tricky to keep up with because they can be done in different ways. Some software may auto-install an update (unless you turn the setting off). Some may give you a visible indicator of an update somewhere in the app and others may require you to go looking for the update setting to check for a new update.
Any software or mobile app that you use on a device should be kept updated because a flaw in the code can allow a hacker to gain access to all of the data on your system or send ransomware throughout your business network.
Approximately 60% of data breaches involve unpatched system vulnerabilities.
Firmware
One of the types of updates that companies often miss is firmware. Firmware is the code that tells the hardware on your computer (or other devices) what to do. This includes things like how to load the operating system. Firmware updates are needed for PCs, mobile devices, routers, printers and any other internet-connected device.
Firmware updates typically do not come out as often as OS and software updates. However, they are just as vital to install to ensure your network security. They also aren’t typically as visible to the user. Many computer manufacturers require you to go into their app to check for and install a firmware update.
Due to firmware often being ignored when it comes to update strategies, attacks have been on the rise. In fact, they have increased by five times in the last four years.
Don’t Risk Your Security! Automate Your Updates & Patches
A managed services plan from Sound Computers can ensure that your Connecticut business doesn’t miss any important updates or patches that leave your company at risk.
Contact us today to schedule a free consultation. Call 860-577-8060 or reach us online.