Rule of three: Patching, training and least privilege (Part 1)
This is the first post in a series about three ways to protect your business from cybercrime, all of which are common sense, yet too often overlooked: training, patching and the principle of least privilege.
Why do software developers send updates to their software so often? Is it because something is wrong with it? Not at all. The truth is it is normal for software to contain errors or bugs in the code. Unfortunately, cyber criminals constantly look for these errors they can exploit in order to get access to computer networks.
Fortunately, software developers also constantly look for errors — in order to correct them and any security risks they may pose. When a software developer corrects an error in a program, the correction is sent to users so they can update their software. This is called patching.
Because update or patch notifications appear while you’re using your computer and likely in the middle of a task, these prompts can seem like an ill-timed pain in the neck. It helps to not think of patches as a nuisance, but to accept them as an everyday part of using a computer. It’s a simple mental shift that makes a difference.
And it’s an important difference. Cyber criminals never stop looking for software vulnerabilities to leverage. That’s why it is critical to install patches every time one becomes available. And it’s super important to install them right away. Ignoring or neglecting an update opportunity is like leaving your door wide open to thieves. So to help keep your computer and network safe from cyber attack, never neglect or delay patching your software.
Come back Friday to read the next post in the “Rule of three” series, when we’ll talk about training