Security Updates

The Equifax breach in which 143 million Americans had their Social Security numbers and home addresses exposed was caused by a vulnerability that had been publicly disclosed 2 months prior.

Updates in software occur to fix various issues, inclusive of security vulnerabilities and updates should be performed as soon as possible from their release date. Automatic updates should be enabled by default when installing new software, and periodic checks should be conducted to ensure that the attack surface is drastically reduced on all devices. A list of software that does not contain automatic updates should be created. This list should be then be reviewed on a bi-weekly basis.

Operating system updates should be set to either automatic or scheduled for a more convenient time (i.e. at 11pm at night). In larger organisations these updates can be forced by a technical administrator through group policy, ensuring that all machines have downloaded the updated. By enabling this setting, you will ensure that these devices do not fall victim to old security flaws.

Anti-virus software is a necessity for all devices connected to the internet. They are updated with malware signatures that are used to determine whether a file is malicious or not. However, the antivirus software can only detect malware for a signature that has been identified and published by the program’s authors. Due to this there is a period where a new malware is released, in this time the malware can attack unprotected systems, this is known as ‘zero day’ until the system is fixed, and the antivirus signatures are updated. Therefore, full scans and definition updates should be performed daily to reduce the risk of malware being present on the device.