Are all your computers running current software or are there potential exploits lurking?

A lot of organisations think their computers are up to date because they have set a policy to apply all the Microsoft software updates and security patches, but this is only the tup of the iceberg.  Whilst it is great to make sure your Microsoft operating system and applications are up to date, they are not the only things running on the computer, but these are typically the only things that get regular updates because it is so easy to switch on and let Microsoft do the rest, however....

Computers run lots of applications, sometimes an organisation doesn't even know all of the software in use within the business, let alone if it is current and supported.

Out of date software can be one of the biggest threats to a business, especially if the business doesn't even know that the software is installed on some of the machines in use.  This is why the Cyber Essentials and Cyber Essentials Plus accreditations require software to be kept up to date and running versions that are in support by the software vendor and have all security updates applied.  

The first thing any organisation needs to do is understand exactly what software staff are using. 

In an ideal world users would not be able to install any software of their computer and it would all be managed by the business, but it is not an ideal world.  Even with the best will in the world, and in some of the most locked down environments, we have still come across shadow IT, where staff have installed packages as an exception that then get forgotten and over time this becomes a liability.

What can you do about it?

As we said before, unless an organisation knows what it has, it is impossible to manage it.  Yes you may get 80% - 90% of the software but what about that other 10% - 20% of software that slips through the net, that, potentially, is a HUGE attack vector.

Firstly, find out about all of the software in use and make sure the reporting remains current, in other words, don't find out about the state of the environment just once and hope nothing changes, keep a real time view of what is in use in the organisation, this is where we can help with our RMM (remote management and monitoring) solution which allows us to share with you the real time status of your environment, including a full audit of all the software, including the version information, that is in use.

Secondly, make sure that the software is running the latest version of software with the security patches and updates applied.  This is where our patch management solution comes into play, where we can check what version is running, compare it with the vendors supported version(s) and apply updates where necessary. 

One of the unseen advantages of using our RMM and patch management solutions is that it makes getting and maintaining Cyber Essentials and Cyber Essential Plus easy, because organisations using our services typically pass without issues because the environment is continuously monitored, managed and up to date.

It also makes it far easier for the organisation to get Cyber Insurance because insurers like to hedge their bets, and if a business can show it's computer environment is managed and maintained with current software that is security patched, it will be more willing to underwrite the policy and also may lower the premiums as the business is seen as being far lower risk.

If you would like more information about our RMM and Patching Solution and having your environment under management or if you are thinking about getting the Cyber Essentials or Cyber Essentials Plus accreditation's we'd be more than happy to help, call us on 01722 411 999 and we can even provide you with a FREE snapshot of your environment so you can understand the current state of the computers and then plan how to resolve any issues that are found.