Getting Specific About Update Recommendations
Keeping your IT current is common advice, but what exactly should you keep updated?
One of the most common IT recommendations is to keep your system up-to-date with security patches and other updates. Unfortunately, while true, it’s advice that’s almost too broad to be helpful (almost). The effect is that, more often than not, organizations focus on updates for their operating system (i.e., Windows/iOS) and consider the issue resolved.
It’s kind of understandable too, given that in the world of IT it can sometimes seem as though nobody likes to apply patches. Nobody. First, applying a patch can lead to unexpected behavior in whatever you’re patching, making end users frustrated and causing additional headaches for IT. Second, since patches can cause interruptions to workflow, they are often done after hours. Your IT team gets to work late to update tools and utilities that sometimes aren’t even used (which is why you should commit to regular tech audits). Third, sometimes a patch goes wrong, suddenly forcing IT to correct a serious, unexpected problem. When you put all of this together, it’s not difficult to understand why IT personnel aren’t generally keen to push hard on updates.
However, regardless of how your IT team gets over its distaste for patches, it’s still important to know what exactly should be updated. The glib, simple answer is absolutely everything, and it’s true, but also a bit headline-defying, so here are some exact applications and systems your IT team should be focusing on keeping current.
- Firewalls
- Switches
- Operating systems
- Software your organization uses
- Software installed on your devices that your company doesn’t use
- Hardware BIOS updates (for motherboards, drive controllers, etc.)
Some of these devices, like firewalls and switches, are often forgotten, despite being absolutely crucial to your cyber security profile. In fact, often the only time they get looked at is during installation or if they’re causing a problem.
Now when it comes to software, most organizations are pretty good about keeping their OS updated, but actual applications are another story. Typically the only applications that get updated have built-in update checks, like Firefox or Chrome. If an application doesn’t perform its own checks, updates generally aren’t done.
On the hardware side, physical devices like hard drives or graphics cards are controlled by microchips. Sometimes those chips are burned in when the device is built, but others are programmable, so they can and should be updated. These are BIOS updates and they’re just as important as any other software update, and maybe even more so as the BIOS determines how devices behave.
When it comes to keeping your IT up-to-date, it’s not enough to just let Windows Update do its thing; everything about your IT needs to be kept current if you’re serious about maintaining security. Some of it can be automated, some can’t, but regardless of how they’re installed, failing to take an update or patch leaves you vulnerable to both software and hardware exploits that can in turn cause serious harm to your organization’s goals and bottom line.
The cure of course is to know what to fix, so this splash of Shakespeare comes from Twelfth Night: “I say there is no darkness but ignorance.”
If you’d like help planning or executing your own update calendar, contact TRINUS and we’d be delighted to help out.
Be Kind,
Courtesy your friendly neighbourhood cyber-man.