The 10 Commandments of IT Security

IT Security Commandment #3: Thou Shalt Keep All Systems Up to Date

Some folks are always up to date with the latest in fashion, in cars, in music. Others are not because staying “current” in those topic areas is not important to them. That’s fine. But to business owners and managers, choosing to be laggard when it comes to updating computer network hardware and software is against the 3rd Commandment of IT Security.

Here are key things that must be kept current and why holding true to this commandment is so important.

Patching is Paramount to Ongoing IT Security

The first way to stay up to date is an ongoing and routine process called “patching.” This includes product improvements, but our focus here is on security patching. Patches are essentially new pieces of code that, as developed, are rolled out to computer software and hardware. A patch is developed to fix/modify the system in order to create a defense against or eliminate a known vulnerability. The security hole that a hacker would employ to attack a network is then remedied by the patch.

Computer networks and systems where an ongoing patching program is in place are more productive, experience less downtime, offer more protection and compliance. To ensure you are keeping this commandment, maintain accurate and timely records of all hardware and software in use in your organization and put in place a patch management policy and program (often done by an IT resource like IT Radix). Finally, consider testing patches before rolling them out as sometimes they do cause other unintended problems. It is important to note that one simple, yet important, action must be taken in many cases to install patches—restarting your computer or your network. Rebooting can also help clear temporary problems in addition to fully applying the updates upon restart.

EOL (End-of-Life) Products Are an IT Security Risk of the Highest Order

Another way to maintain accord with this commandment is to ensure that no hardware and no software in your environment has reached EOL (End-of-Life) status. All products have a life cycle, not just technology products. The cycle is essentially development, introduction, growth, maturity, and decline. When technology nears the final phase of its lifecycle, the software or hardware producer generally announces an EOL date. Around or on this date, there is no further release of new/updated features and technical support, training, and other support services are no longer available. While everything may still work, EOL products are a security risk of the highest order. Hardware and software that are EOL and attached to the internet are akin to an open door to your network, your data and ultimately to continuity of your organization.

When it comes to technology, it pays to be “fashion forward” at least in terms of IT security and keeping your systems including all hardware and software up to date. Don’t be the last one to update things, be one of the first! Contact IT Radix today to help you stay in the forefront of IT security.