Ask people why they should update their computers operating system, and most, if not all, will reply, ‘to keep the bad guys out and your sensitive data safe’. Although surprisingly, 40% of adults fail to update their computer or smartphones at all.
We know that OS updates are extremely important and that the sooner you update, the sooner you have a greater level of protection. But you have a deadline; you really don’t need the disruption of another installation, right now. The ‘remind me later’ option popped up along with that all-important update notification – so, it can’t be so essential, after all. Cyber-attacks seem to be pretty rare and they must only happen to careless people, right?
As human beings, we rely on our past experiences when it comes to our daily decisions that involve risk, whether that’s crossing the road, making a financial investment or paddling out into shark-infested waters on a surfboard. By our nature, we underestimate the likelihood of something negative happening to us, but conversely we continue to buy weekly lottery tickets in our millions.
However good your antivirus claims to be, it simply isn’t enough to keep you safe online. Operating system updates close known security flaws that can grant access to the cyber criminals but they also offer many positives for businesses, which can be overlooked.
What do security updates do?
At first glance, this may appear a daft question but the software companies have experienced criticism for not clearly explaining the purpose of their updates. With limited understanding, it is no surprise that users often hit snooze on time-critical OS updates.
In addition to patching security vulnerabilities, OS updates will fix bugs in the system to improve performance. Therefore, by installing the latest version, you’ll also receive the benefits of more advanced programming, such as improved stability. Developers use the opportunity to add new features and remove outdated functionality, which can enhance responsiveness and prevent untimely crashes.
We know they provide a superior level of protection but as the cyber criminals patiently wait to strike, what are the things they hope we’ve failed to consider when we click ‘remind me later’?
Criminal entry points are publicised.
When the tech giants launch a new update, they may as well do so with a megaphone. Updates may be free to users, but they have invested heavily in them, both in terms of time and money. For the cyber criminals, a launch spells-out the exact system versions they need to target. By failing to update, you remain open, at risk and highly vulnerable.
Take the aptly named ‘WannaCry’ ransomware attack in May 2017. The global attack targeted Microsoft operating systems, demanding bitcoin in exchange for the encryption key. In just 4 days, there were 20,000 victims with 300,000 devices affected – However, Microsoft released an update to patch this known threat several weeks prior.
Viruses are catching.
As with human viruses, computer viruses are transmissible. Cyber security largely focuses on keeping the user, their personal and business data safe, but what about colleagues, family, friends – customers? Removable hardware and USB devices can rapidly deploy malware. In a world of paperless offices and remote collaborative working, shared cloud files can pose the same risks.
Antivirus and OS updates provide real-time security alerts, immediately identifying high-risk attachments or fraudulent software.
Never trust your auto-update.
For CIO’s, CISO’s and their teams, keeping of top of OS updates can be never-ending task with updates seeming being deployed in frequent succession. However, no sooner have the tech companies closed a hole; the criminals are ready to exploit the next. It is a continuous game of cops and robbers – literally.
It certainly helps to set automatic updates. The regular updates will run routinely, but major operating system updates require still require user approval – providing the opportunity for users to snooze that vital system request. Therefore, it is essential that frequent checks are performed and reports are updated.
For those managing a vast network of machines, a lifecycle services partner can help relieve the administration pressures and provide peace of mind that software is updated, secure and documented. If you outsource ITAD, many IT asset disposal companies provide preparation and roll-out services. They can support stretched IT teams with software installation, updates, asset-tagging and audit reporting, as well as providing data wiping services. Look for an ITAD partner that offers as convenient out of hours installation services to ensure there is little or no downtime.
Frighteningly, hackers have even developed techniques that disable the auto-update feature remotely. Without adequate hardware inventory checks, fraudsters are free to steal data, destroy documents and even wipe your entire IT infrastructure.
Updates are good for business.
Whilst they play a critical role in keeping your business protected, it isn’t all about security. Software constantly evolves. No sooner has it launched, the same team of developers that created it are searching to ways to improve it or add functionality. Just look how fast the next generation of iPhone is released.
If you are still running an older version, you may experience incompatibility issues when your document tries to interact with a newer software version. This may cause necessary interruptions, for example, if it’s difficult to exchange information with your customer.
Why wouldn’t you take the competitive advantage of the product enhancements that keep you running as proficiently as possible? – saving you time, and therefore money. By providing the most effective professional software, you’ll motivate your team and boost morale.
Updates can help drive business growth and you will maximise the return on investment for the software itself. Efficient workflow and an increase to overall productivity can multiply your businesses bottom line.
Is there a difference between security updates and upgrades?
In short, upgrades can be optional; updates should be mandatory.
Often chargeable, an upgrade will be a major improvement to functionality or the user experience, such as a new interface. Updates are usually free, especially when it comes to bug fixes or security patches. Even if you know you are choosing a sub-optimal user-experience, there is no need to upgrade – to a point.
Unavoidably, there comes a time where it’s no longer cost-effective for the software companies to support older OS versions. At this point, it is an absolute must that you upgrade. There will be no more security patches or updates; you are at high risk every time you press the power button.
Budget-cuts, short timescales and the difficulties associated with remote working combine to add another layer to the challenge of software upgrades or new hardware distribution.
You can upgrade the software but the chances are that the device it sits on is ineffective and reducing team efficiency. Upgrading end of life it assets can be costly for any business and is often avoided. However, older, redundant IT equipment can easily be upgraded, recycled and reused to give them a new lease of life, whilst demonstrating your environmentally friendly ITAD credentials. Many offer mobile device recycling, too. Data destruction services are accredited and guarantee secure IT asset disposal of your redundant IT assets or components. Each device has its own IT asset disposal accreditation certification providing a paper trial of your commitment to your own IT asset disposal policy and GDPR data destruction compliance.
Inconvenient or imperative?
If you’re watching the timer swirl, an OS update can seem to take an eternity, more so if you have a pressing deadline. Major updates are only released every 6 months. They do take a little longer but can be scheduled to run after hours. However, regular OS updates, such as those from Microsoft, only between 7 – 17 minutes to install.
Is their reputation as an inconvenient disruption deserved? Not only are they highly likely to make your working life easier and more productive, it may be the most important cup of tea you’ll ever make. After all, 15 minutes out of your day is nothing compared to the downtime a business will experience should a security data breach occur. (Not to mention the costly fine). It’s best to keep the hackers out, protect company data and your teams working efficiently.
Contact us today on 0161 777 1000 or visit https://www.tier1.com to find out how we can help you dispose of your data safely and reliably.
us.norton.com; ciotech.us; saxonsit.com.au; academic.oup.com; sophos.com;