What is all the fuss about updating software?

There never used to be a fuss about it.

In the past, updating software was about developers fine-tuning their programs, making extra features available and tweaking the way they work for optimal end-use.

But with cyber crime advancing to the level it is today, updating software is as much about fixing recently discovered bugs and addressing the latest security issues.

Some updates are small enough to run in the background, but many require an actual download. These larger pieces of software are called patches, and it’s up to you to install them. They’re usually free and are necessary for your system and programs to continue running smoothly and, above all, safely.

Problems with patching

However, there are drawbacks associated with patching that result in them not being installed timeously, if at all. These are the drawbacks:

  • It takes a lot of time to manually apply a patch across all company devices.
  • There’s reluctance to apply a patch until certainty about its performance has built up.
  • If every application needs its own update, which download do you prioritise?

Cyber attackers bank on the above, and the fact that many companies won’t install the latest patches immediately. During this window of opportunity, they have free reign to attack.

For commonly used third-party apps such as Adobe Reader, Adobe Acrobat, Flash Player and Mozilla Firefox new updates become available every week, sometimes more than once.

Microsoft Teams updates also automate every two weeks and Zoom about once a month. Multiply these apps by the devices linked to your company, and the task of keeping up with all the updates becomes a disruption in itself.

Because apps like these are so widely used, they’re obvious targets for cyber criminals, who have a better hit rate with them. When a patch is announced, it alerts them to a vulnerability and they quickly get on to finding it, knowing they have a window of opportunity to exploit it.

According to Verizon’s Data Breach Investigation Report, 70% of cyber attacks were linked to a vulnerability for which a patch was available, but not installed.

An independent survey conducted by Ponemon showed the average timeline for patching critical vulnerabilities can be as much as 16 days. That’s plenty of time for an opportunistic hacker to make headway.

There’s no better example of a cyber attack that could’ve been avoided than the infamous and far-reaching WannaCry ransom attack, which spread across 150 countries and caught more than 300 000 computers without the available patch.

As soon as an app goes out of date, hackers target the vulnerability and inject malware into the unpatched system. Attackers can only target exposed systems; they can’t create exposed systems. Therefore, it’s entirely up to a company to ensure its system isn’t exposed.

Keeping all of a company’s applications up to date – across all devices – can end up being a fulltime job, but it’s one that must be done.

If you’re not managing to stay on top of patching, the alternative is a patch management service, where all patching happens automatically as soon as a patch becomes available. It reduces your vulnerability time and requires no user intervention. Once installed it will keep on patching in the background.

If you think patch management may solve your patching problems, chat to us about your options.

Cloud / VPS Hosting

Learn about IronTree’s specialised virtual private server (VPS) hosting.

"*" indicates required fields

Hidden
Keep me up to date

I have read and understand IronTree Internet Services (Pty) Ltd's privacy notice.

Does your business send bulk emails?

Learn all you need to know about Google & Yahoo’s new requirements for bulk email senders.

"*" indicates required fields

Hidden
Keep me up to date

I have read and understand IronTree Internet Services (Pty) Ltd's privacy notice.

"*" indicates required fields

Hidden
Keep me up to date

I have read and understand IronTree Internet Services (Pty) Ltd's privacy notice.

"*" indicates required fields

Hidden
Keep me up to date

I have read and understand IronTree Internet Services (Pty) Ltd's privacy notice.

"*" indicates required fields

Hidden

I have read and understand IronTree Internet Services (Pty) Ltd's privacy notice.

This field is for validation purposes and should be left unchanged.

"*" indicates required fields

Hidden

Training

We also offer certified training packages The training will cover POPIA in general. We have two options available. Once off costs. Employee Awareness Training - R490 per candidate Senior Employees Awareness Training - R650 per candidate All prices exclude VAT

Company Structure

Are you part of a group structure?*
IronTree is committed to protecting and respecting your privacy, and we'll only use your personal information to administer your account and to provide the products and services you requested. From time to time, we'd like to contact you about our products and services, as well as any other content that may be of interest to you. If you consent us contacting you for this purpose please tick the checkbox below*

"*" indicates required fields

Hidden
Keep me up to date

I have read and understand IronTree Internet Services (Pty) Ltd's privacy notice.

"*" indicates required fields

Hidden

I have read and understand IronTree Internet Services (Pty) Ltd's privacy notice.

"*" indicates required fields

Hidden
Keep me up to date

I have read and understand IronTree Internet Services (Pty) Ltd's privacy notice.

Give us a call:

+27 87 943 2278

Send us a WhatsApp:

+27 66 372 4061

Drop us an email:

After hours support:

+27 72 595 1066

After hours hosting support:

+27 76 102 9813

Log a support request

The reseller zone is currently out getting a facelift as we look to integrate it with our backup platform, as it stands you can overview your clients on our new backup console. If you don't know what console that is, please reach out to us.

"*" indicates required fields

Hidden

I have read and understand IronTree Internet Services (Pty) Ltd's privacy notice.

This field is for validation purposes and should be left unchanged.
One of our team members will be happy to help answer any questions you have!
Just click the chat icon in the right-hand corner.