Tag: vulnerabilities

Consider the security risks of your software

Cybersecurity is an issue that hounds businesses of all types. Sometimes organizations invest in security software without realizing the risks that come with it. Here’s why identifying threats before buying cybersecurity products is paramount.

Uncover threats and vulnerabilities

Every business should evaluate the current state of its cybersecurity by running a risk assessment. Doing so is one of the easiest ways to identify, correct, and prevent security threats. After discovering potential issues, you should rate them based on probability of occurrence and potential impacts to your business.

Keep in mind that risk assessments are specific to every business and there is no one-size-fits-all approach for small business technology. It all depends on your line of business and operating environment. For instance, manufacturing companies and insurance groups have totally different applications to secure.

After tagging and ranking potential threats, you should identify which vulnerabilities need immediate attention and which ones can be addressed further down the line. For example, a web server running an unpatched operating system is probably a higher priority than a front desk computer that’s running a little slower than normal.

Tailor controls to risks

Instead of spending time and money evenly on all systems, it’s best that you focus on areas with high risk. You should address these issues immediately after an assessment, but also put plans in place to evaluate their risk profiles more often.

Assess existing products

Chances are, your organization has already spent a great deal of money on security products and their maintenance and support. By conducting risk assessments more often, you can improve the strategies you already have in place and uncover wasteful spending. You may discover that one outdated system merely needs to be upgraded and another needs to be ditched. Remember, your existing products were purchased to meet specific needs that may have changed immensely or disappeared altogether.

It’s much harder to overcome cybersecurity obstacles if you’re not regularly evaluating your IT infrastructure. Contact our experts for help conducting a comprehensive assessment today!

Published with permission from TechAdvisory.org. Source.

Spectre & Meltdown: how to protect yourself

Spectre and Meltdown are critical security flaws that affect a majority of computers today, including the one you’re using to read this. They can leak your passwords and other sensitive data, which is why software companies are working on security patches. The good news for Apple users is that fixes are now available to keep their devices temporarily safe.

Download and install security patches ASAP

Apple has already released software updates for all affected devices, and you need to install them now. Here’s how:

  • macOS – Click the Apple icon on the topmost part of your screen and check whether your system has been updated to macOS 10.13.2. If not, click the ‘Software Update…’ button to go directly to the App Store, then click the ‘Update’ button for macOS High Sierra.
  • iOS – To update to iOS 11.2, go to Settings > General > Software Update and download and install the new software.
  • tvOS – To update to tvOS 11.2, go to Settings > System > Software Updates and follow Apple’s step-by-step instructions to update your software.

The company hasn’t confirmed whether they would release patches for devices running on outdated software, so if your business still uses previous versions of Macs, iPhones, or iPads, make sure they do not have critical company data stored on them. Better yet, upgrade to new devices so that they’re better protected against legacy system vulnerabilities.

Practice browser safety

The Spectre bug could also exploit vulnerabilities in browsers, so make sure you update Safari too. Apple is set to release Safari updates for Macs and iOS devices soon, and it’s highly recommended to download and install them as soon as they become available.

You should also avoid using non-Apple browsers like Chrome, Microsoft Edge, or Firefox, as they have yet to release security patches against the bugs.

Download applications only from the App Store

Downloading apps from the App Store is one of the best ways to ensure you install only secure apps. Third-party stores are prone to malicious apps that could be disguised as legitimate and harmless — or worse, an exact copy of a well-known app.

The App Store has had incidents of malicious applications targeting iPhones, but these cases are rare. It is also much better at vetting suspicious apps and is relatively safer than other open-source platforms.

Moreover, avoid jailbreaking your devices, as this just makes them and your systems more prone to malware. And regardless of where you’ve downloaded an app, practice extreme caution when running new, unfamiliar apps, whether on Macs or iPhones.

Because of the sheer scale of Spectre and Meltdown, there’s a greater need for businesses to consult with IT professionals who can install powerful security software and other protections. Our cyber security team is ready to answer your questions about these and other system bugs. Call us today for professional advice.

Published with permission from TechAdvisory.org. Source.