The Department of Homeland Security just released a memo detailing a serious flaw in what was considered, at that point, the latest version of Symantec’s End Point Protection security suite. This was just a few short months after Symantec released their latest version.
Software are often released with unknown security flaws contained in their code. These “holes” generally go unnoticed to even the software manufacturer until a hacker or a security company examines it a lot more closely and often times discovers a vulnerability that can be exploited. It is at that point that the software manufacturer releases a “patch” or even a version upgrade that fixes the issue and on it goes with patches and upgrades. It is a never ending process but the very best way to ensure good IT security is to be vigilant in your upgrade process.
The upgrade process does take constant attention and not just to your anti-virus / anti-malware software. There are updates to every day software and add-ons such as web browser components (Java, Flash), Microsoft Office, Adobe products and of course the very important Microsoft security updates for your operating system.
The constant barrage of updates and the endless ways that the Internet bad guys gain access to your systems and information makes it a very daunting task to keep everything up-to-date and secure.
You should invest in a strategy or compliment of solutions to lighten this burden and to keep your system safe:
Patch management system-This is a software system that has an administrative console installed on your network server. From this console, you can view and adjust settings on all of your network workstations. This patch management system is designed to monitor all of your computers for software updates, download the updates to a central repository and “push” them out to the computers on a regular basis. This ensures that all of your computers are up-to-date with security updates to all of your employees’ installed software and eliminates the need to constantly be in touch with each software vendor for their latest versions or patches.
Content filtering system– This type of system monitors your employees’ Internet access and can block unwanted sites that you deem inappropriate for office use and / or not conducive to productivity. The less places that your employees can stray on the Internet, the less likely they will come across a website with malicious code or join a site that will deliver problematic spam email.
Spam filtering system– Whether it is installed as a software or hardware solution, filtering out phishing emails and spam emails with malicious attachments or links is very important to the health of your system. Spam email is the number one way that viruses and malware reach your employees’ computers.
Business-class Internet firewall– The importance of this piece of hardware cannot be downplayed. A lot of clients opt for a less-costly and sometimes a retail model and rarely apply updates to their device. A business-class unit will have more attention paid to it by the manufacturer than a unit from a local tech store and will regularly submit security updates to address recent vulnerability trends of flaws on their devices. A lot of these higher-end units also have the ability to do some of the services mentioned above such as content or spam filtering.