Guest Post by Ronn Hanley:
Applying security patches to the Operating System of your computer can save you a ton of trouble when fighting viruses and malware. The problem is, as technicians we don’t always go far enough when it comes to patching software and hardware. It’s important to realize that you and your clients are vulnerable from other directions as well.
Most clients understand their systems have vulnerabilities, but they’ve been conditioned by one marketing campaign after another that once the operating system is patched they’ll be protected.
It’s a given that patches come out for everything from MS Windows to every version of Linux. The problem is, in the rush to protect the ‘main’ system, it’s possible to forget that support software has the same or even worse vulnerabilities. This includes office suites, productivity software, online games, web browsers, document viewer or rendering software, plug-ins, and system firmware – free, shareware or commercial – the bad guys don’t care.
It may seem like a no brainer that simply patching the operating system isn’t enough, but how obvious is it really? I’ve been doing this for a long time and I only became aware of how serious the ‘third party problem’ is within the last 3 or 4 years.
Clients want the fastest answer to their problems. Most know that if they are using a Windows system there will be patch releases that they have to deal with and that’s as far as it goes for them. They neither know, no care that there may be other issues to deal with. This is one of those things that must be built into your Service Level Agreements’s (SLA) not only to cover you, but to make sure that the client isn’t left hanging.
Research is key
Malware writers are on a constant hunt to find weaknesses in all software and every time a security patch comes out they are immediately find ways to circumvent it.
If you’ve worked with your clients for any length of time you have an idea of what’s on their systems. If part of your SLA is doing updates to software or firmware it’s always a good idea to keep a log of what software they have installed, when the last update was done and whether or not any new vulnerabilities have cropped up since your last visit. This is why documentation is so incredibly important.
I keep a running log of my client systems that’s only a page long. It has a list of the major and support software that they use on a daily basis. This process can be time consuming to start, but once the basic list is done, it’s easy to update or remove entries. The way I look at it, if this is the first time I’ve sat at a computer I automatically assume that NOTHING has been updated, this keeps me from missing things.
Belonging to sites like Technibble or Techrepublic (well, back in the day…) can pay off. Reading articles or being involved in forums can give you a heads up about which software is the current favorite of malware attacks. There’s no way you can know it all, or even keep up with every little change.
That’s where a helping hand can be a great thing.
Software that can help
I’ve found Secunia PSI to be an invaluable tool for Windows based systems. The software can either be used as a downloaded app which will scan the entire PC on demand looking for software that needs to be updated and then pointing you to the manufacturer for download or purchase. It can also be set to routinely scan the system and give you updates when something has become outdated, but I don’t recommend this setting in a business environment since its likely to slow the PC down. The software can also be run as a web based app, but it will only do a surface scan and can miss programs.
Secunia PSI is designed for home PC’s but they do have a version for Enterprise level systems called Corporate Software Inspector (CSI) which is designed to act as a vulnerability scanner with a patch management system running on the back end.
The programs work well on Windows based PC’s and the company claims they work well on Apple, but I haven’t been able to test that yet.
About the only complaint I have with the software is that it can take some time (5 to 10 minutes) to scan a full HD and report its findings. And then for some third party software you have to visit the company website to get the update or patch. PSI will automatically update most software, but not all.
Ultimately you protect your clients
The larger software companies have teams of people looking at their software, finding holes and then patching them. The smaller developers don’t have that kind of manpower or capital, so it’s no surprise that a third party application is going to be more vulnerable. That doesn’t mean that it has to be a crap shoot every time you sit down to take care of a system.
It may take some time to develop a solid plan to keep your clients patched and protected, but that time is an investment in your business and the health of your clients systems.
Guest Post by Ronn Hanley: Ronn is a technology enthusiast from way back, during the dark ages of the Arpanet and the Purple monochrome monitor screens. His first computer was a Commodore PET and his first laptop was the size of a suitcase. Despite that, he loves computers and technology to distraction and has been working in the tech world for almost 10 years full time, currently as the owner of a Desktop and Network support company in Atlanta, Georgia.