Operating system vendors release updates regularly that fix problems with their software. Those problems might be something that stops the mouse from being able to click on a button (usability issue), or they might be a security hole that allows an attacker to take control of your machine.
Keep everything religiously updated, keep records of who does upgrades and when they are done. This is thankless work, but it is critical to ensure that your network is kept secure. I can’t tell you how many machines I log into which are running 5 or more year old web browsers, these machines are sitting ducks that will do nothing for the number of hours sleep you get a night.
I am not a fan of auto patching due to the potential risks it creates, however something is better than nothing, especially on a windows network.
I am a telco & internet entrepreneur, nerd wrangler and massive lover of bacon. I was involved in the investigation of and successful conviction of David Noel Cecil – “Evil, The NBN Hacker”.
This article is written from the experiences I had before, during and since the successful execution of Operation Damara. My experiences are from a telco perspective however they are just as applicable to corporate and government networks.
I currently work with several Australian Telco’s and IT businesses, developing Incident Response Plans and helping them ensure the ongoing continuity of their mission critical infrastructure.
If your organisation doesn’t have a strategy for dealing with internet security incidents, I would love to help you out!
Shoot me an email – email@example.com or grab me on Social Media for more information.