Salutations! If you are new to the series, start with Day 1. To those who are caught up, let's get to it. Today we are diving into a very important hardening topic…patching. When you visit a bad site or click a bad link, you generally haven't lost full control of your computer yet. But if your web browser is vulnerable and the link is set up to take advantage of that weakness…it could be game over already. Therefore, let's take the 5 minutes to make sure we have patched our software.
Here we should return to our list of digital assets and make sure that each one of them is updated…and we have to do this at least every month…and whenever a serious vulnerability comes out…sounds like a lot of work, right? It can be, but there are free tools that, after a bit of setup, will make this burden bearable.
Do the following to deploy a sustainable approach to keeping your systems updated against attacks:
- Identify a patch management software solution: free options include PDQ.com or manageengine.com, among others. (If you have an IT professional, ask them what they recommend for your environment.)
- Deploy your patch management software to all workstations and servers. Configure it to update your workstations' Operating System (OS), 3rd party software and firmware. You should check for updates to software and firmware weekly and check for OS updates on the 15th of each month.
- Add a recurring reminder to your calendar to spot check 1 or 2 devices to ensure backups are still being performed as expected.
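
One way to check a device list against the cadence above (weekly for software and firmware, the 15th of each month for the OS). This is an added example, not part of the original post; the CSV layout, device names and dates are constructed, and it assumes your patch tool can export the date each update check last ran.

```python
import csv
import io
from datetime import date, timedelta

# Constructed sample export: the date each kind of update check last ran.
SAMPLE_INVENTORY = """device,os_checked,software_checked,firmware_checked
front-desk-pc,2024-05-16,2024-05-27,2024-05-27
office-laptop,2024-04-20,2024-05-28,2024-05-10
file-server,2024-05-15,2024-05-12,2024-05-26
"""

def last_os_check_day(today):
    """Most recent 15th of the month on or before `today`."""
    if today.day >= 15:
        return today.replace(day=15)
    # Before the 15th: step back to the previous month (handles January).
    prev_month_end = today.replace(day=1) - timedelta(days=1)
    return prev_month_end.replace(day=15)

def overdue(inventory_csv, today):
    """Return {device: [categories behind schedule]}; on-time devices are omitted."""
    os_cutoff = last_os_check_day(today)
    weekly_cutoff = today - timedelta(days=7)
    findings = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        late = []
        # OS: the check must have run on or after the most recent 15th.
        if date.fromisoformat(row["os_checked"]) < os_cutoff:
            late.append("os")
        # Software and firmware: the check must have run in the last 7 days.
        for category in ("software", "firmware"):
            if date.fromisoformat(row[category + "_checked"]) < weekly_cutoff:
                late.append(category)
        if late:
            findings[row["device"]] = late
    return findings

if __name__ == "__main__":
    for device, late in overdue(SAMPLE_INVENTORY, date(2024, 5, 29)).items():
        print(f"{device}: overdue for {', '.join(late)}")
```
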
If you have any questions about the preceding, feel free to reach out! Happy hunting.
Be sure to come back for Day Nine / Security Visibility / Part One
CTO / Principal Engineer