September 28, 2016

Take the Time for Patch Updates

Small organizations often struggle with implementing a patch management lifecycle. Why? One word: resources. Many small businesses have an IT consultant and/or a managed service provider, but patch management is often not part of the roadmap those providers draw up for a small business.


So, where should businesses start? How do they stay safe from ransomware? Can your small business survive a cyber incident like ransomware? Always remember the golden rule: keep it simple.

The first step an organization should take is to ensure that workstations and servers are updated with the latest Microsoft patches. Work with your IT consultant or managed service provider to define a date and time when all critical and high Microsoft patches will be installed. Deploy these patches to a few machines first to confirm that no instability occurs, then define a date and time to roll them out to the rest of the organization.

Recent ransomware events such as WannaCry and NotPetya have taught us that attackers rely on organizations not patching systems. If your organization can ensure that you’re only a month behind on critical and high patches, you’re already beating the odds of a ransomware event occurring at your organization. Patching is not a silver bullet, and it will not keep your company safe from all ransomware events, but it will help mitigate a large percentage of the attacks.
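One way to check the "only a month behind" target on a Windows machine, shown here as an added example that is not part of the original post. It uses the built-in Windows Update Agent COM interface and assumes the post's "critical and high" corresponds to the MSRC severities Critical and Important; the 30-day threshold is the post's one month.

```powershell
# Added example: list pending Critical/Important updates and flag any that
# have been available for more than 30 days.
# Assumption: "critical and high" in the post maps to the MSRC severity
# values 'Critical' and 'Important' reported by the Windows Update Agent.
$MaxAgeDays = 30   # "only a month behind"

$session  = New-Object -ComObject Microsoft.Update.Session
$searcher = $session.CreateUpdateSearcher()

# Ask the machine's configured update source (Windows Update or WSUS)
# for software updates that are applicable but not yet installed.
$result = $searcher.Search("IsInstalled=0 and IsHidden=0 and Type='Software'")

$now = Get-Date
$pending = foreach ($u in $result.Updates) {
    if ($u.MsrcSeverity -in 'Critical', 'Important') {
        # LastDeploymentChangeTime is when the update was last published or revised.
        $age = [int]($now - $u.LastDeploymentChangeTime).TotalDays
        [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            Severity = $u.MsrcSeverity
            KB       = ($u.KBArticleIDs | ForEach-Object { "KB$_" }) -join ','
            AgeDays  = $age
            Overdue  = $age -gt $MaxAgeDays
            Title    = $u.Title
        }
    }
}

$pending | Sort-Object AgeDays -Descending | Format-Table -AutoSize -Wrap

# A non-zero exit code lets a scheduled task or RMM tool raise an alert.
$overdue = @($pending | Where-Object Overdue)
if ($overdue.Count -gt 0) {
    Write-Warning "$($overdue.Count) critical/important update(s) pending for more than $MaxAgeDays days."
    exit 1
}
Write-Output "No critical/important updates older than $MaxAgeDays days are pending."
```

Run it on the pilot machines after the test deployment, then on the remaining workstations and servers after the scheduled rollout, to confirm that the patch window actually closed the gap.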

Most small businesses cannot afford a cyber-attack, so take the time and get to patching.

Remember, keep it simple.