October is Cybersecurity Awareness Month. Part 5: Update Your Software - Security Boulevard

2 years ago 68

In this multi-part series, we’ll look astatine what organizations tin bash to amended better firm cybersecurity arsenic portion of October’s Cybersecurity Awareness Month. In this blog, our absorption is keeping your bundle up to date.

Updating bundle whitethorn look similar an evident enactment to continuously bash but it’s often ignored erstwhile things “just work”. Most radical either don’t privation to instrumentality the clip to bash it oregon don’t privation to hold for attraction windows to execute the upgrades. As a erstwhile bundle engineer, I cognize caller bundle comes with known features and bug fixes and astir apt immoderate caller bugs arsenic well. However, it’s inactive a bully thought to bash the upgrade, particularly erstwhile determination is simply a known bug that is creating issues oregon determination are fixes for known vulnerabilities.

As an extremity user, you should program to upgrade your mobile device(s) arsenic good arsenic your laptop(s) and different machine systems. Both tin beryllium done automatically, and this is recommended. In immoderate instances, you whitethorn privation to hold for your organization’s IT section to fto you cognize erstwhile an upgrade is recommended. This is mostly due to the fact that the IT volition privation to trial the caller bundle to guarantee that it doesn’t interruption immoderate existing applications.

As an IT administrator, you’ll privation to support an oculus retired for each bundle updates from your web devices to your extremity idiosyncratic devices. If you person enactment contracts, you’ll astir apt get notified of caller bundle releases and you should spell done the merchandise notes to spot what caller features came in, what caller bugs were introduced, and what existing bugs were fixed. In immoderate cases, an ISSU (In-Service Software Update) is disposable which volition assistance guarantee zero to minimal downtime. In web devices that enactment ISSU, the backup instrumentality is upgraded and past a failover is triggered. Then the erstwhile progressive instrumentality is upgraded, and the passive instrumentality relinquishes progressive presumption backmost and your active-passive clump is upgraded with nary downtime. For SaaS applications, the upgrades are automatic, and the lone happening needed is to marque definite you recognize what’s successful the latest update. The update whitethorn see immoderate chill functionality that volition marque your enactment much productive oregon secure.

Some vendors supply RSS feeds that see accusation connected vulnerabilities on with accusation connected fixes and bundle updates. As an IT administrator, you should person an inventory of bundle utilized successful your enactment and should continuously beryllium tracking devices that request to beryllium upgraded. With EDR and MDM solutions, you volition beryllium capable to way extremity idiosyncratic devices and you should make policies that necessitate devices conscionable circumstantial bundle mentation levels to summation access. If a instrumentality is moving compromised software, including the Operating System (OS), that strategy whitethorn beryllium utilized to breach your firm network.

This concludes our Cybersecurity Awareness Month series. Continue to sojourn our blog site to larn much astir deploying a modern Zero Trust Network Access (ZTNA) solution.

The station October is Cybersecurity Awareness Month. Part 5: Update Your Software archetypal appeared connected Banyan Security.

*** This is simply a Security Bloggers Network syndicated blog from Banyan Security authored by Ashur Kanoon. Read the archetypal station at: https://www.banyansecurity.io/blog/october-is-cybersecurity-awareness-month-part-5-update-your-software/

Read Entire Article