With decades in the making and pure divinity in its simplicity, it is hard to understand why this managed IT security secret has not been considered.
Threats are found daily to break into the most securely designed systems on the planet.
These zero-day exploits can cause significant damage.
Then the race is on to plug these vulnerabilities as fast as programmers can type.
Do you know that many breaches start from old forgotten servers left under the desk of someone who left a few months ago?
Servers that have not been touched, most likely in years, because no one wants to break them.
I have heard claims of zero outages and zero downtime in 3 years and five years, and I shudder whenever I hear the answer to my inevitable question.
The question I have to ask even though I know the answer:
“How can you have zero downtime on a server – when was it last patched?”
As you read this, I imagine, you have just facepalmed as the answer flashes through your mind.
These servers have NEVER been patched.
For the entirety of their lives, they have been left accruing more vulnerabilities as time passes (maybe even a virus/malware or more).
So what is this IT security secret that I have so far withheld?
IT Security Secret – Patch Your Servers!
Just patch your damn servers. Regular and completely.
Yes, you need to test patches on QA/test systems first. However, once you have done it, you need to complete the task by rolling them into production.
Like most other things, security is not about doing a few extraordinary and mysteriously clever things.
It’s about doing the basics extraordinarily well that gives you the edge.
Patching is a simple and vital process on your systems, yet it is often overlooked.
By keeping your systems up to date, you minimize the window of opportunity for bad actors to compromise your servers and your business.
Avoiding patches in this fast-paced environment is unacceptable and will require massive work to set it right.
Take some time to analyze what you have. Find what is not up to date, then start to work your way through the list.
Once a server has been patched, add it to a patching schedule to keep it current.