According to Techopedia, “A patch is a software update comprised code inserted (or patched) into the code of an executable program. Typically, a patch is installed into an existing software program. Patches are often temporary fixes between full releases of a software package.”
Put simply, patches correct known vulnerabilities in software including operating systems and applications. Don’t forget, according to one of our previous articles, patch management is 1 of the 7 steps to protect yourself from a data breach.
In May 2017, the WannaCry virus, according to Wikipedia, was estimated to have affected more than 200,000 computers across 150 countries, with total damages ranging from hundreds of millions to billions of dollars. Among the largest agencies struck by the attack were the National Health Service (NHS) hospitals in England and Scotland, where up to 70,000 devices–including computers, MRI scanners, blood-storage refrigerators and theatre equipment–may have been affected. On May 12, some NHS services had to turn away non-critical emergencies, and some ambulances were diverted. In 2016, thousands of computers in 42 separate NHS trusts in England were reported to be still running Windows XP.
To read more about WannaCry and to see references for the above statistics, go here.
That’s a lot of damage. But it was completely unnecessary. All any organization had to do to prevent being infected was to:
With computer software, there is no such thing as set-it-and-forget-it. Turning on Windows Updates is better than leaving them off, but in a corporate setting, it isn’t enough.
Patch management should be handled by your IT department according to industry best practices, which include:
JPMerc & Co. offers low-cost, no-obligation IT assessments. We’ll identify your current IT risks and offer cost-effective solutions. The report and the knowledge gained are yours to keep with zero obligation and no hard sell. To learn more, connect with us!