The global shift to remote or hybrid work arrangements has been a dream come true for many employees, who now enjoy a better work-life balance, less commute stress, and other perks. However, cybersecurity experts tasked with securing remote workers would most likely use the word nightmare.
Why? Because keeping devices updated when employees work from various remote locations -sometimes using devices of their own – is a difficult challenge to overcome.
But ignoring this challenge isn’t an option either because attacks on remote employees are growing more. Worse, their consequences are often more severe. In fact, the average ransom payment increased to $154,108 in Q4 2020, up from $84,116 in the fourth quarter of 2019.
Some Patches Are More Important Than Others
When a patch becomes available, many remote employees delay its installation for three main reasons:
- They don’t want the installation of the patch to interrupt their work.
- They don’t consider the patch to be particularly important.
- They don’t have the bandwidth to download the patch at the moment.
The problem is that not all patches are created equal. Some are so important that they’re worth waiting a while to download and restart the updated device.
3 Types of Device Patches
Let’s take a closer look at the different types of patches in order of their importance, from the least important to the most:
1. Feature Updates
The purpose of feature updates is to add new functionality or improve existing features. Some features may be highly important and greatly desirable. However, their installation can be delayed for a long time without any negative impact on security or productivity.
2. Bug Fixes
Bugs are flaws in software applications that may result in everything from unexpected behavior to catastrophic crashes. Bug fixes can improve productivity by making the patch’s software more reliable, but they don’t impact security.
3. Security Patches
The installation of security patches prevents known vulnerabilities from being exploited by cybercriminals. As such, their installation should never be delayed more than necessary (the amount of time it takes to save open documents or finish an online meeting).
Because employees often don’t understand the differences between them, they delay the installation of highly important security patches and make themselves, and the entire organization, vulnerable to dangerous cyber threats.
Just how vulnerable? Well, a report published by information technology company Automox revealed that 60 percent of data breaches in the past two years could be traced back to a missing operating system patch or application patch.
In other words, all organizations can reduce the likelihood of experiencing a potentially devastating data breach by more than a half just by updating their patch management strategy for the remote work era.
Patch Management Best Practices for Remote Work
Patch management is defined as the process of distributing and applying updates to software. Traditional patch management practices don’t work too well in remote work environments because IT professionals can’t readily access and manage all devices employees use to get work done.
The good news is that it doesn’t take much effort to update patch management for the remote work era. However, they go a long way in ensuring that important patches are installed promptly and without impacting employee productivity more than necessary.
Use these steps to prevent unpatched vulnerabilities from causing massive issues in your organization.
1. Make Patching Mandatory
Remote employees must understand that patches impact the organization’s cybersecurity posture just as much as, let’s say, passwords do. It’s a good idea to create a policy that clearly explains why the installation of available security patches is critically important and provides instructions on how to schedule the installation of less important updates so they take place during downtime.
2. Take Advantage of Remote Patch Management Solutions
Many remote patch management solutions give organizations the ability to remotely update end-user devices. The leading solutions can push patches automatically and deal with different operating systems as well as third-party software applications.
3. Implement Split Tunneling
For security reasons, it’s a good idea to require remote employees to use the corporate VPN whenever accessing the organization’s server and the resources stored on it. Instead of pushing updates through the same VPN and potentially causing massive slowdowns, organizations should implement split tunneling, routing internet traffic directly onto the internet.
Regular Device Updates Are Crucial for Remote Workers
Remote work arrangements have many benefits for employees and employers, but improved visibility isn’t among them. To ensure that essential patches are installed on all devices used by remote employees, organizations need to update their patch management strategies and take advantage of available patch management solutions.
Need Assistance?
Teal offers responsive and secure managed cybersecurity services to SMBs nationally. Other services include:
If you’re interested in learning about our premier IT strategies, contact a Teal business technology advisor today.
