One of the most effective, albeit least sexy, ways to strengthen endpoint security is to tighten up the patch management process. It doesn’t sound exciting, but if you don’t do it, you’re in for more excitement than you might like. For years, hackers’ favorite method of attack has been to go after vulnerabilities for which patches already exist, regardless of where in your application stack they reside. And they can count on easy prey from out-of-date systems. The research continues to confirm that most attacks these days can be thwarted by applying patches to known vulnerabilities. In fact, in late 2011 the FBI found that repeated hacks at stock exchange NASDAQ were facilitated by a host of unpatched vulnerabilities on its systems.
Many organizations are inconsistent about keeping systems up-to-date because they still rely on manual patch management techniques. The more comprehensive and automated you can make this process — across different operating systems and applications — the more consistently your systems will be patched and protected from known vulnerabilities.
Quick Tip: Don’t Forget Third-Party Apps
According to SANS, most organizations today take at least twice as long to patch third-party application vulnerabilities as they do to patch operating system vulnerabilities. If you’re only automatically updating the operating systems on your endpoints, leaving the third-party application updates to your users or to manual processes, then you’re leaving a gaping hole in your endpoint security strategy.
In this increasingly mobile world, today’s endpoint rarely remains confined in the office and behind the corporate firewall. The modern endpoint is moving. Whether it’s a laptop, tablet or a smaller device, they connect to corporate networks after plugging into hotel computers and coffee shop wireless connections. What’s more, these very mobile devices generally contain more sensitive, corporate data than ever.
Today’s IT department needs to protect these corporate endpoints as much as possible, preventing costly malware outbreaks and data breaches, and keeping the company name out of the headlines. This slideshow features five tips, identified by Lumension Security, Inc., to help even the busiest IT pro stay on top of endpoint security, even as the barrage of attacks intensifies.