Updating Software: Learn the Importance of Keeping Up-to-Date With the Latest Software Version and Patches
You may be familiar with Cisco’s slogan, “If it’s connected, it’s protected.” It’s the idea that you need to secure the people and devices that connect to your network from cyberattacks so your organization can continue to move forward. Securing the people, your workforce, has to do with identity and verifying users are who they say they are before they’re allowed to access network applications and resources. But what about devices? Why isn’t verifying user identity alone enough? Let’s look at why device security is a recommended best practice.
For a long time, it was common to allow users whose identity we had verified to access the network without first performing a health check on the access device itself. The focus was on the trustworthiness of the user, not the device. The thinking was, if we deemed the user trustworthy, then their computer must be as well. But then malware incidents started to rise, and some high-profile breaches and ransomware cases became public. A few were attributed to outdated software on a user’s device. In other words, poor device hygiene. Think of it this way. What if someone came to your front door and said, “Hi, I’m sick. Can I come in?” While you might be able to identify the person, would you let them into your house and risk infecting everyone inside? Probably not a good idea.
This has led to greater emphasis on assessing the health and security posture of devices before allowing them on the network. Outdated software in particular can be exploited due to vulnerabilities and bugs in the code. If the vulnerabilities go unpatched, the device can be compromised, opening the door for an attacker to enter and inject malware. The availability of exploit kits that automate the process of targeting known vulnerabilities with malware has made it easier for the weekend hacker to launch attacks.
Commonly exploited software
Vulnerabilities are routinely found in software that runs on users’ devices, both desktops and mobile. Here are three commonly exploited software types.
Operating Systems (OS): Widely considered the most important piece of software on a computer, tablet or phone, the OS is a frequent target of attacks due to its importance and frequency of vulnerabilities. New OS version and patch releases typically have security fixes to address identified flaws in the software that could lead to threats such as malware, phishing and denial-of-service attacks.
Browsers: Whatever your favorite browser is, you can be sure it’s open to attack if it’s not on the latest version. For example, in 2022 SecurityWeek reported on 456 vulnerabilities in Google Chrome including nine zero-days. Fortunately, modern browsers make it easier to be notified when a new update is available to help endpoints stay secure.
Plug-Ins: Enabling Flash and Java plug-ins was once a great way to extend the functionality of computer programs. Times have changed. Adobe stopped supporting Flash Player at the close of 2020, making it a big security risk for devices that still have the plug-in installed. Flash is still in use, however, and as is the case with operating systems and browsers, updating to the latest version is important.
Keeping devices updated
It’s clear that keeping devices up to date with the latest software versions and patches is important to the health of not only those devices, but also your network. You’re more likely to be protected against exploits and zero-day attacks. But how do you keep your endpoints current? Here are some points to think about:
Set Expectations: Decide who is responsible for keeping devices up to date. Do I expect my users to update their own devices or will it be done for them automatically?
Consider Enabling Self-Service: Self-remediation can unburden your IT team by empowering users to update their endpoints themselves through step-by-step instructions.
Create a Strong Access Policy: A strong access policy will assess a device’s health and security posture in real time and then allow or block devices from accessing resources based on the policy.
Be Inclusive: Today’s workforce is hybrid and so are the devices we use. You’ll need to account for remote and on-premises employees, a variety of device types, plus multiple operating systems and browsers.
Calculate Your TCO: Understanding your costs from both a financial and time allocation perspective will guide you to a solution that fits your organization. Stand-alone solutions can automate the update process but can also be expensive and time-consuming to implement and manage.
Keep devices updated with Duo
Attacks that exploit vulnerabilities in software can exact a heavy toll on any organization. Vendors such as Microsoft with its Patch Tuesday help customers by providing a regular cadence of releases that address flaws in its software code. However, every organization should take proactive steps to ensure endpoints are in a healthy state before granting access to resources.
Duo Device Health addresses the complexities of keeping endpoints compliant with your access policy. The Duo Device Health application, Duo’s lightweight client app for macOS, Windows and Linux, performs a device health check in real time at each authentication. Endpoints that comply with your policy are granted access, and those that do not are blocked until they’re updated. Users can easily update non-compliant endpoints through self-remediation which supplies step-by-step instructions. Similar to the Duo Device Health app, the Duo Mobile app performs a security checkup to notify users about potential issues with their iOS or Android device's hygiene.
If you’d like to experience how Duo Device Health can keep your users’ desktop and mobile devices protected from exploits and threats due to outdated software, sign up for a free 30-day trial.