In the last week, an update proliferated through our clients’ servers. A small minority of our clients’ servers went down during these updates. A vast majority did not have a problem at all. But that small minority represented hundreds of users. One of the questions I was asked was: do we really need to do updates?
Yes, You Need To Do Updates
We cannot stress enough how important it is to stay on your updates. At times, a server may go down or workstations may be slow, but the updates must be applied. The reason is simple exploits, 0-day infections, and hackers take advantage of unpatched systems.
Issues such as WannaCry, Petya, and more have taken advantage of people not updating their systems. The viruses enter in through a rogue website, email or link someone accidentally clicks on and the viruses in the system through a known exploit. This is extremely dangerous, and that is why we do updates every day.
Updates are Required by Massachusetts Law
On top of that, in the state of Massachusetts, where our headquarters are, there is an actual law that requires us to stay on the updates through the entire network. Under Massachusetts law 21.CMR.17 and its subsequent judicial trials, the state is looking for at least a minimum of a 90-day window for hardware and software updates. It is also a rule of thumb that the government wants to see updates done within a 30-day window. With 0-day exploits, viruses, and issues like this suddenly popping up. We have a policy of doing our system updates weekly and are third-party patches daily. It stays ahead of the game.
Don’t Become a Weapon
As also blogged about before and we were cited in multiple articles: people who don’t patch and do not have critical data also can become a weapon. So a person who has a very low priority network does not do their patching, their network can be used against someone else. It makes them a liability. Now you may say I am not even anywhere near a critical network, nor do I have clients that are, but you can be put on the hook for not following best IT practices when it comes to data security.
That is why we extremely recommend that you stay on your updates even though they may be painful at times. Want to learn more about staying on top of updates? Contact Triton Technologies today to learn about our Managed IT services.