Mistake 6: Ignoring (or not enforcing) Patch Updates
Every piece of software, device, server, router, switch, has a version of code on it of some kind. Since everything changes over time, you need to make sure your users are getting the most updated patches of all of them.
Patches and fixes are released because of vulnerabilities or inefficiencies in old code. Everything, from operating systems to applets, need to be fixed as soon as possible, because security vulnerabilities can exist in any of them.
For example, a version of Adobe had a vulnerability in which a virus could embed in a PDF. Without realizing it, someone could expose your organization to a large-scale problem with one click. Staying updated on the most recent patches helps mitigate that risk.
In addition to informing employees about patches, you need to follow up and make sure patches are actually installed. An Endpoint Manager software (such as IBM Endpoint Manager) can help you keep track of patches and enforce rules. This can help make it less labor intensive on your IT security staff.
If this is a mistake you’ve been making, don’t wait. You must act now. If you leave unpatched endpoints, it’s only a matter of time before someone tries to exploit them.
Dennis Webb, IT Security lead for CAS Severn, will discuss this in more detail at our webinar, Top 10 Security Mistakes (And How to Fix Them) on July 22.