I – Thou shalt keep all of thy software and apps up-to-date with automatic updates.
Summary
The creators of these applications are constantly being made aware of vulnerabilities in their software and create patches/fixes to correct them. If you install that patch/fix, then you are no longer exposed to that vulnerability, so you are more secure than you were before you installed it.
That’s all there is to it. I will continue below with some specific advice on the different platforms, so if you are not interested in such particulars, just ask your IT support provider or favourite IT guru to make sure your systems and applications are set to be updated automatically or at least regularly by them.
Detail
Desktop Operating Systems:
Most platforms have a simple way of enabling automatic patching. In Microsoft Windows 7/8/8.1/10, it is called Windows Update, and by setting it to be fully automatic you will receive patches as soon as Microsoft release them. You can also set it to update other Microsoft applications on your system (e.g. Office, Word, Excel, etc.). For Apple Macs, simply use the App Store for your updates. As for Linux, if you are running that then it is highly likely that you already know what you need to know to keep it updated.
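One way to check that these Windows Update settings are actually in effect (an added example, not part of the original post): the script below reads the Windows Update Agent's COM interface and changes nothing. The function name Get-AutoUpdateStatus and the 35-day staleness threshold are assumptions made for the example.

```powershell
# Added example: read-only audit of Windows Update settings through the
# Windows Update Agent COM API. It changes nothing on the system.
function Get-AutoUpdateStatus {
    param([int]$MaxDaysSinceInstall = 35)   # assumed threshold, adjust as needed

    # Meaning of the agent's NotificationLevel values.
    $levels = @{
        0 = 'Not configured'
        1 = 'Disabled'
        2 = 'Notify before download'
        3 = 'Notify before installation'
        4 = 'Scheduled (fully automatic) installation'
    }

    $au    = New-Object -ComObject Microsoft.Update.AutoUpdate
    $level = [int]$au.Settings.NotificationLevel

    # Microsoft Update is the service that also patches Office and other
    # Microsoft products; this is its well-known service ID.
    $muId = '7971f918-a847-4430-9279-4a52d1efe18d'
    $sm   = New-Object -ComObject Microsoft.Update.ServiceManager
    $mu   = $sm.Services | Where-Object { $_.ServiceID -eq $muId }

    # The date can be empty on a machine that has never installed an update.
    $last = $au.Results.LastInstallationSuccessDate
    $days = if ($last -is [datetime]) { [int]((Get-Date) - $last).TotalDays } else { $null }

    [pscustomobject]@{
        ServiceEnabled     = [bool]$au.ServiceEnabled
        NotificationLevel  = $levels[$level]
        FullyAutomatic     = ($level -eq 4)
        OtherMicrosoftApps = [bool]($mu -and $mu.IsRegisteredWithAU)
        LastInstallSuccess = $last
        DaysSinceInstall   = $days
        # Treat "never installed" and "too long ago" the same way: needs a look.
        Stale              = ($null -eq $days -or $days -gt $MaxDaysSinceInstall)
    }
}

Get-AutoUpdateStatus | Format-List
```

On a machine managed by an organisation, Group Policy can override what the user sets, so the values shown are what the update agent reports rather than what the Settings screen displays.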
Application updates:
Most other mainstream applications (Chrome, Firefox, Adobe Reader, Java, Anti-Virus applications, etc.) have a default setting to get automatic updates. Just to be sure to be sure, please go and look for this now and make certain it is turned on for the applications that you use.
There is a special place in hell for Flash Player. I’m sorry Adobe, but it is true. It is probably the most exploited and unfortunately very widely used piece of software. If you don’t need it, uninstall it now and you will dramatically improve your security posture. If you come across something that needs Flash to play, then use Chrome for playing it. If you absolutely need to use Flash, then make sure you keep it updated – every day (sometimes).
Servers:
You need to be a little bit more careful about patching server platforms, as you don’t want the server to be rebooted after patching if it is currently being used by others. There might also be a specific sequence needed to shut down and restart the server, so seek advice from your IT support provider if they are not responsible for the patching of your servers.
Mobile:
For your mobile devices, their default settings should be to automatically receive app updates from the appropriate app store. If you changed this behaviour when you set up the device, then please take this opportunity to change it back. If a new update to an app requires additional permissions, you will be asked if the new permissions are OK before the update can proceed.
System updates on mobile devices are handled a little differently and need manual intervention, mainly because the device will be unusable while the update is being installed. So if you can go cold turkey from your phone for 5-10 minutes, then you can let those updates happen. It would be advisable to wait a couple of days after receiving notification that a system update is available and then check if there are any reported problems with it on your specific phone/tablet, as even the mighty Apple have sometimes released dodgy system updates that have caused their passionate users some consternation.
Networking Equipment:
Networking equipment also runs software (referred to as firmware). So things like Network Switches and Routers, which we all have in our networks (both home and office), are occasionally in need of a patch or twenty. Updating these is not for the faint-hearted and does need a great deal of care while the updating process is in progress, as it is possible to “brick” the device (i.e. turn it into an expensive paperweight). So please consult with your IT support provider or family IT guru.
Printers:
Believe it or not, most printers also run firmware and there have been vulnerabilities discovered in these. It is possible for hackers to send hate literature to a printer or, even more concerning, find out what printers have printed in the past, including potentially secret documents. As with networking equipment, keeping printers updated and secured would be a job best left to an expert.
Internet of Things:
This buzzword covers items such as baby monitors, smart home security systems, smart refrigerators, smart watches, smart lighting and smart heat controls (to name but a few). If these are in any way connected to your Wi-Fi, which is also connected to the Internet, then they could be at risk. Securing these devices and keeping them updated might be tricky as well, as there don’t seem to be any standards available for this. The one suggestion I would make is, if the device came with a default password or worse, no password, please, please, please change/set it to something complicated.
Conclusion:
If you have any comments, suggestions or questions on the above, please leave a comment below.
Do you have a Commandment for Cyber Security to add, or any thoughts on those that I have listed? If so, please let me know and I will do a follow-up after I have completed the run-through.