Patch Management in the Time of Remote Work
Unpatched vulnerabilities are responsible for 33% of security breaches. Unfortunately, this amount has increased during COVID-19 due to the number of personal devices and other unpatched systems used by remote workforces. This article reviews the main challenges of patching during this period and how companies can improve their patch management.
Patch Management Before COVID-19
Before the COVID-19 pandemic, an organization’s network security measures and firewalls protected employees. The risk of out-of-date or unpatched devices was mitigated by implementing multiple solutions to scan for vulnerabilities, viruses, and network intrusions. However, with distributed workforces, organizations can no longer rely on centralized network security and patch management is more critical than ever.
What has Changed in Patching During COVID-19?
Overloaded company networks
Companies usually issue software patches to end-user systems over LAN using Windows Server Update Services (WSUS) or third-party solutions. Now, with so many end-user systems at home, updates must be sent via the company’s gateway over the Internet. However, bandwidth limitations can slow other necessary traffic.
Network infrastructures must be prepared to address the needs of any unexpected bandwidth demands. One option is to update remote systems directly from the vendors. Another is to use Secure Access Service Edge (SASE) that supports modern organizations’ dynamic network access requirements.
Cybercriminals can take advantage of the unprecedented changes in the way companies are doing business to expand attack surfaces. For example, because video conferencing and collaboration apps usually have inadequate patching protocols, they are easy to exploit.
Organizations like NASA, Google, and SpaceX have banned using such apps to reduce the risk of sophisticated cyber attacks. Another example is a flaw in the Zoom application that was discovered by Morphisec Labs. The flaw enables attackers to record Zoom sessions without the participants’ knowledge.
Weak home network security
Home networks usually include Wi-Fi connections with default passwords and old equipment no longer being updated by the vendor. Also, the encryption used on wireless home networks is easy to crack. Hackers can effortlessly access a network, look for valuable assets by moving laterally, and exploit weak passwords and vulnerabilities along the way.
Weak home network security
Small to medium-sized businesses can address this issue by sending employees separate wireless access points that are preconfigured and include a VPN. However, large enterprises would need to obtain hundreds of thousands of access points and verify that employees connect them correctly.
Tips for Improved Patch Management for Remote Workforce
Companies can take several steps to encourage better patch management:
- Create a consistent patching process — to enable IT to validate patches and all users to plan their reboots and updates. For instance, start a patch rollout on the first Monday of every month, with a deadline for all devices to be updated by Thursday.
- Enforce updates — patching can cause some downtime in productivity. However, the security risk of delaying a patch update is far greater than a short break in efficiency. Companies should force employees to schedule their tasks around the patch update. In this way, they won’t be interrupted, and the endpoint device will be updated.
- Monitor your devices — to track their location, usage, and patching patterns. Without this information, organizations can never truly ensure the security of their devices.
- Install gamification in patch updates — implement participation metrics and reward the department with the highest patch percentage. Organizations should see higher participation rates as no one wants to be the reason their department is lagging.
- Use VPN — get as many remote workers as possible on the VPN and have VPAN access require two-factor authentication.
Organizations worldwide were taken by surprise when COVID-19 necessitated the widespread move to working remotely. Most aren’t prepared for patching and updating the security of remote systems. Besides patching and maintaining on-prem servers and devices, IT teams must also manage remote workers’ devices. Companies need to adapt by ensuring that they update patches regularly, monitor employees’ devices, and enforce scheduled updates. Taking these measures is key to guaranteeing continued operation and success during these trying times.