Experts Agree This is the Best Way to Protect Your IT Devices
Category: Cybersecurity Fundamentals
In another ACT post we talked about a process in cybersecurity that we call “vulnerability management.” Remember, vulnerabilities are holes in your electronic devices’ code that, when left unpatched, hackers can use to their advantage, like an open back door on your house. In the case of ice climbers, it’s about identifying where vulnerabilities exist in their climb, and addressing them accordingly - think safety harness, a buddy system, proper training. So how does the process work, and how can it help protect your IT devices?
Identify
There are a few methods available to identify what vulnerabilities you have. They include, but are not limited to:
Checking for updates on your IT device. Usually a little circle with a number in it, or a pop up notification will appear to let you know it’s time to update, but you can always check manually.
Scanning your device with a “vulnerability scanner.” These are specialized tools that check to see if certain vulnerabilities exist on your device. Similar to a burglar checking your car door to see if it’s unlocked, this information can be used to see if there is a hole and will let you know if there is a patch available to close it.
“Penetration testing,” or “pen testing,” is a method of attempting to break into an IT device. Many organizations will hire good guy hackers, also called “white hats,” to test the security of their IT devices. If they can find any vulnerabilities, then so could hackers.
Checking the news may also tell you about some big vulnerabilities that exist. You might be watching the local nightly news, or reading the Hive Systems blog, and see something that may impact you!
Evaluate
After you identify what vulnerabilities exist, you must evaluate whether they are applicable and the risk they present. For example, if you only own an Apple computer, then the BlueKeep vulnerability we talked about will not apply to you. You can also look at the vulnerability and see if other factors prevent it from being a true risk. As an example, if your organization doesn’t allow USB drives to work on your laptops, then a vulnerability that’s passed on USB drives wouldn’t impact you.
In addition, you’ll have to prioritize the vulnerabilities. Most likely, there are finite resources for you or your organization, like time, and you can’t fix every IT device at once. If you identify which IT devices are the most important, and which ones have the most severe vulnerabilities, then you’ll know where to focus your attention.
Remediate
Once you’ve evaluated the applicability and risk of the vulnerabilities, it’s time to remediate them. While patching everything may seem like the obvious solution, there are three choices when it comes to remediating a vulnerability:
Remediation: as we’ve talked about above, this includes patching a vulnerability so the hole is no longer open. This is the best option to stop hackers.
Mitigation: this is a way of reducing the impact of a vulnerability if a patch doesn’t exist yet. Sometimes hackers take advantage of a vulnerability before the good guys can fix the hole. This is called a “zero day” vulnerability, and these are. the. most. devastating. The mitigation option can be used to buy time until a patch is ready. This could include turning off certain services, like email, until a patch has been released. This should only be used for a short period of time.
Acceptance: this is the riskiest of the three options. An organization may need to accept the risk of a vulnerability because applying the patch may break some software it uses, like an accounting system. Until the accounting system is replaced, the vulnerability can’t be fixed. Many times this will help an organization expedite a replacement or upgrade knowing that the old accounting system is putting the organization at risk.
Validate
Once all of the above steps are complete, you must validate the remediations you took. Did ALL of your patches get applied to ALL of your IT devices? Did the mitigation options you put in place actually mitigate the vulnerability? It’s one thing to know that the little red circle went away, but did the updates actually work? The best way to validate that the remediations you took are working is with the “vulnerability scanning” and “pen testing” mentioned above. If you don’t validate, you may be giving yourself a false sense of security.
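The Evaluate and Validate steps can be sketched in a few lines of Python. This is an added example, not code from the original post: it filters advisories by applicability (platform, and whether USB is already blocked), ranks what remains, and then checks a follow-up scan for items that are still open. The host names, the `usb-autorun-flaw` advisory, the criticality ratings and the severity scores are constructed, and ranking by severity times criticality is an assumption chosen for simplicity.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Asset:
    host: str
    platform: str       # e.g. "windows", "macos"
    usb_enabled: bool   # False if policy blocks USB drives
    criticality: int    # 1 (low) to 5 (business-critical), set by the owner

@dataclass(frozen=True)
class Advisory:
    name: str
    platforms: frozenset  # platforms the vulnerability affects
    vector: str           # how it reaches the device: "network" or "usb"
    severity: float       # 0-10 score taken from the advisory

def applies(adv, asset):
    """Evaluate: does this vulnerability apply to this device at all?"""
    if asset.platform not in adv.platforms:
        return False                      # wrong platform
    if adv.vector == "usb" and not asset.usb_enabled:
        return False                      # another control already blocks it
    return True

def evaluate(advisories, assets):
    """Return applicable (score, host, vuln) items, most urgent first."""
    work = [(round(adv.severity * a.criticality, 1), a.host, adv.name)
            for adv in advisories for a in assets if applies(adv, a)]
    return sorted(work, key=lambda w: (-w[0], w[1], w[2]))

def validate(work, rescan):
    """Validate: work items a follow-up scan still reports as open."""
    return [(host, vuln) for _, host, vuln in work if (host, vuln) in rescan]

# Constructed sample data (hosts, ratings and scores are illustrative only).
ASSETS = [Asset("finance-pc", "windows", False, 5),
          Asset("lobby-kiosk", "windows", True, 2),
          Asset("design-mac", "macos", True, 3)]
ADVISORIES = [Advisory("BlueKeep", frozenset({"windows"}), "network", 9.8),
              Advisory("usb-autorun-flaw", frozenset({"windows", "macos"}), "usb", 7.0)]

if __name__ == "__main__":
    plan = evaluate(ADVISORIES, ASSETS)
    for score, host, vuln in plan:
        print(f"{score:5.1f}  {host:12} {vuln}")
    # Pretend the re-scan after patching still finds BlueKeep on one host.
    print("still open:", validate(plan, {("lobby-kiosk", "BlueKeep")}))
```

An empty result from `validate` is the evidence that the patches actually landed; the update badge going away is not.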
Repeat
Cybersecurity is a never-ending cycle that has to stay ahead of hackers and the pace of IT in general. Once you finish the four steps outlined here, it’s usually time to start the process over to make sure you’re not vulnerable.