Tip #12 for National Cybersecurity Awareness Month: Keep software up to date.
Cybercriminals exploit unpatched and out-of-date software, operating systems and hardware to gain unauthorized access to systems.
And it’s not good enough to keep just one of these up to date. Cybercriminals will look for a weak link anywhere they can find it: on your laptop, a program, a Wi-Fi router or a cellphone. Leaving any of your systems unpatched and not updated opens the door for criminal access to everything.
Steps you can take
Keeping your software, systems and devices up to date is one of the simplest and most effective things you can do to mitigate the risk of falling victim to these type of attacks.
Install updates timely once they are released.
Set up or verify automatic updates are configured.
Periodically verify the automatic update process is working properly.
Upgrade or discard technology that has reached its end of life (EOL).
Once a product reaches its end of life, it is no longer supported by the vendor, meaning that when security holes are discovered, patches are not released for them. Current common EOL examples include: Windows 7 or Windows 8/8.1 and antiquated iPhones/iPADs, Android phones and tablets.
Don’t forget about network equipment and Smart devices.
That’s right, your home router, wireless access point, SmartTV, Smart Lights and most any other devices connected to your network need updates too. The first step is to develop an inventory of all of your devices and then work through the steps previously outlined. If you run into the term “firmware,” don’t be intimidated by new lingo. Firmware is simply a term for the software that runs on network equipment and Smart devices. In most cases, updating to the latest version will patch known security holes. You may need to contact the vendor to be certain and/or for help with the update.
If you are involved in IT department oversight at work, make sure you’ve got strong patch management policies and procedures.