In the modern world personal data is of the utmost importance. Your name, phone number, address and Social Security Number are all part of the data that makes up your profile in the digital arena. With this information you can open credit card accounts, get loans and, of course, join Social Media. Alongside all these positives is a negative side to the coin: Hackers. If a hacker gets hold of this information, they too can open a credit card, get a loan and yes, make a Social Media page in your name. To a hacker, information is just as good as money.
In the past decade we have seen many major businesses become victims of a data breach losing millions of people’s personal data. One of the largest, and perhaps most well-known, recent breaches was the Equifax data breach. The United States Senate Permanent Subcommittee on Investigations report states that Equifax “suffered a data breach that involved the PII [Personal Identification Information] of over 145 million Americans.” How did this happen to Equifax one of the largest consumer reporting agencies with access to mountains of personal information?
The simplest answer is stated best by the Subcommittee “Equifax Left Itself Open to Attack Due to Poor Cybersecurity Practices.”
With over “1,000 vulnerabilities the auditors deemed critical…” Equifax had failed to adhere to a consisting patching method. A poor patching strategy left Equifax open to hackers. Once an opening was found it was not immediately patched leading to an “IP address in China, a country where Equifax does not operate” to appear in their systems. Equifax was unable to stop the theft of millions of records.
Good patch management can be monotonous and laborious, an effective patch management strategy cannot rely solely on OS (operating system) updates, instead to be properly secured, 3rd party applications on endpoints and identifying all at risk devices is needed. A good patch strategy, however, can significantly lower cyber risk.
Fill out our quick contact card below if:
Ray Morgan Company Managed IT provides IT and cybersecurity solutions to support your business goals. We believe in a one stop shop to provide holistic technology solutions. We help business owners and IT departments manage technology and increase efficiency of their IT solutions.