Posted by Mark Isenberger, TCC Solutions Engineer
WannaCry 2.0, EternalBlue, Assassin, and After Midnight are names that the majority of system administrators have heard of over the last several weeks that have kept administrators and engineers awake wondering at what patch level is their system operating. Those administrators and company executives who were caught by past virus events like Morris Worm, I LOVE YOU, and Slammer, hopefully learned that firmware, security settings and patch levels are all key components in the ever-increasing perimeter security monitoring that have system administrators on a constant vigil.
So, what patch levels are your servers on? Many companies prefer to stay at the second latest revision or “N – 1” so they can avoid the headaches of implementing patches that are not completely error free. Sometimes, this is perfectly acceptable for ensuring that your production systems are online without production outages. Do you have a Development environment that allows you to test the patches? Even more importantly do you have time and resources to review the patches, read notes, and determine if they will impact productions systems affecting the business? Unfortunately, the answer is usually no.
Ensuring servers and applications are patched and reducing the security vulnerability footprint is becoming more and more critical as is the ability to show the organization that you are at the correct revision\patch levels. Imagine if all your contacts, customers and vendors, your critical business applications and all business data, were suddenly gone or locked by ransomware.
Utilizing a standard patching cycle is a good first step in ensuring your organization understands the importance of patching and security updates. Do you utilize something like Windows Server Update Services (WSUS), System Center Configuration Manager, or Amazon EC2 Systems Manager? Guaranteeing you have a scheduled timeline, deployment system and reporting system reduces the potential attack vector, minimizes deployment time and alleviates manual reporting to the organization. Ensuring that your systems are protected is a top priority, and providing guidance to your end users is crucial as well because clicking on a LOVE-LETTER-FOR-YOU.txt.vbs might just reduce all your business to cinders and ash!
To learn more about TCC’s IT Managed Services please visit our website https://e-tcc.com/managed-services