Blog

Share to Facebook Share to Twitter Share to Google Plus Share to LinkedIn

We emphasise the importance of keeping all your software up to date, why every user and company should do this and suggest ways to help keep software current.

Introduction

Making sure that the software that you use on a daily basis, and that runs in the background providing your users with the shared services that modern businesses expect, is up-to-date and secure is a task that can often go overlooked. This is especially true in smaller organisations which may not have their own internal IT resources or for those who outsource their IT to IT support companies who either de-prioritise this important task or who do not have the allocated budget to carry it out. 

Don’t ignore software updates

It can be frustrating when you receive numerous prompts to update your software on your computer. It is so easy to just click “ignore” or “update later” so you can carry on working on your machine. However, repeatedly delaying  software updates can lead to more serious issues further down the line. We will take you through some of these issues and explain the value of keeping software up to date as a user and as a business.

Security Vulnerabilities

This is probably the most common issue you will hear banded about by those in the IT industry – and there is every reason for this. Updates are essential for plugging the security loopholes hackers will find and try to expose in an attempt to perform a malicious action. Updates should be carried out on your desktop PC, laptops, servers and even smartphones. Any device that prompts to update its software or hardware is doing so for a reason - so this should be done as soon as possible. Doing so will ensure key emerging vulnerabilities are addressed in good time and that any bugs in the previous version of software will most likely have been fixed by now.

managing updates

For network devices such as more advanced firewalls, an update on its software could also provide more comprehensive functionality. Features such as checking incoming and outgoing traffic for viruses, filtering and blocking undesirable websites and checking for known signs of attack and intrusion on a network can all help improve the overall abilities of the device and ultimately make your network more secure.

Such features all need to access a regularly updated database of threats and vulnerabilities to function effectively. Updates to these services - including new anti-virus definitions and adding new websites to the database of undesirable websites - is essential. Without these updates, new threats are not detected and over a short period of time the security features become more than useless as they may give a false sense of security.

Managing updates

For software that sits on the client machine, it is equally important to keep everything up to date. Whereas most software applications can be configured to regularly check for updates and keep themselves well patched, there are a number of tools available which will help centralise and control the management of this process. Administrative tools such as Ninite or Chocolatey allow you to centrally control the updating of a very broad range of software packages installed on your client machines. This can be useful if you don't want to rely on each of your end-users manually updating software packages themselves and or rely on them to sensibly respond to the prompts to update, usually provided by third party software packages.

Or, even worse, having you or one of your IT team going from computer to computer manually trawling through the installed packages, checking which currently have updates, and then manually updating them one by one. And then, having to do this all again in a month or two's time to ensure that they constantly and consistently stay up to date.

With the growing range and sophistication of malware threats and exploits, particularly to the better-known commercial software packages, it is very much recommended that you explore the possibility of locking down the updating and patch management of the software deployed on your users’ machines and not just to rely on an anti-virus solution to fully safeguard your users’ computers.

Installing Anti-virus software

Anti-virus software - it goes without saying that if you choose to update no other software package on your computers, you should without doubt make sure that your anti-virus or PC IT security software is always current and up to date. The outlay for doing so is usually modest particularly when managed on an organisation-wide basis and when licences are purchased in multi-user packs. This should most definitely be an item that you budget for every single year. Again, the updating of anti-virus and anti-malware software can be very easily centrally managed ensuring that all of your servers and PCs and laptops etc are constantly kept up-to-date with the latest virus definitions and anti-malware tools.

The key benefit of centralising your management of anti-virus software is the ability to tell at a glance which machines are running out of date versions of either the software or virus definitions and then having the ability to choose a course of remedial action which may, depending on the strictness of your security policy and the criticality of safeguarding your data, include locking them out of your corporate systems until the situation is remedied.

Software update subscriptions

As touched upon earlier, software update subscriptions are becoming more and more common. Back in the good old days it was possible to purchase a boxed copy of the piece of software, install it on your computer and then happily use it for the next 5 to 10 years. These days things aren't so simple. Most software companies are furiously attempting to move their user base onto a subscription-based model whereby you never actually own the software, rather paying a monthly or annual subscription in order to retain the privilege of using their products. There is a certain logic to this in that these companies need to generate regular revenue to keep their operations moving and to keep developing new products and advancing the existing ones. Also, with security being a more prevalent consideration, they also need to constantly update their software tools to meet the growing range of security issues facing the software industry. If you are not currently on a subscription model for the software that you are using it is likely that over the coming years you will eventually be moved onto one.

updating software

For those of you who still use applications for which you have paid a one-off fee for, and also have an optional annual subscription for further support and updates, we strongly urge you to consider this to keep your software up-to-date. Regardless of the new features and benefits that maybe accrued from keeping software up-to-date, there are two further considerations which makes this more and more desirable:

Firstly, the rate of change of technology underpinning most modern operating systems is increasing to take advantage of the increased hardware capabilities of machines being produced today. This means that software that may have run quite happily on, for instance, Windows XP, will most likely not run reliably on the latest versions of Windows, and have no chance at all of working on subsequent versions of the Windows operating system.

As part of our regular testing of software applications prior to upgrade and deployment for our clients we are finding an increasing number of products which either don't work or work with some quirks on the most recent versions of all operating systems, including the Mac which has famously defended its backwards-compatibility policy.

Secondly, but more importantly, with cyber-crime becoming more prevalent and more and more newsworthy, there is less tolerance for organisations that do not take the necessary steps to safeguard their staff, client and operational data. With support fees typically being between 10 to 30% of the original software cost, paying annually is a very worthwhile consideration to keep all of your software in the organisation up to date.

Conclusion

An organisation which doesn't keep its software running the latest versions and fully patched against current threats will receive little sympathy should it suffer a breach and subsequent data loss, setting aside any lost productivity from compromised computers or poorly performing software. With IT security issues now regularly making mainstream news headlines, ignorance can no longer be used as an excuse, or defence, against not keeping your system secure over time. GDPR and general compliance regulations place an ever more explicit duty of care on organisations to ensure that they are doing all they can to safeguard the data under their care.

Further Reading

For more information, please visit: https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/software-updates-important/