Desktop security is one of the high priority domains to most organizations for maintaining stability and productivity. Managing your desktops effectively with zero downtime and with crystal clear desktop security can be little challenging, because patches and updates for different software across the market is not always stable.
Considering the NVD data for vulnerability in 2014 there were 19 vulnerabilities reported per day, at first when you look at this number there is nothing alarming, but when we extra polite this number to a week it will be 133 vulnerabilities per week and 570 for a month. And if we populate this further for a year, it will be around 7000. Desktop security has to be prioritized to avoid these vulnerabilities one step at a time.
Now let’s consider an enterprise has around 1000 computers, so totally there would have been 70,000 vulnerabilities in the year 2014 for this enterprise. Then moving forward to 2015 there were 25 vulnerabilities per day, an increase of 30% compared to 2014, 6435 security vulnerabilities in 2016 and around 2500 vulnerabilities so far in 2017. Proper management and update of these vulnerabilities will help the enterprises in Desktop Security.
System administrator goes for war against vulnerabilities
Let me tell you a story that will explain things in a better way, hope you guys are familiar with David and Goliath story. Consider David as your system administrator and Goliath as your network of vulnerabilities.If these vulnerabilities keep growing day by day, it will eventually make Goliath stronger, leaving David totally weak.
Now what David did was, he used a sling to hit Goliath and finally defeated him. That’s exactly what your system administrators have to do, they need to take the right tool to defeat this Goliath of vulnerabilities.
Let’s start our journey in understanding desktop security.
How dangerous can a vulnerability be to your enterprise?
Let’s look into some real-time scenarios for understanding the need for Desktop Security,
Heartbleed Bug incident that created a huge security breach for most of the websites. The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. It allows attackers to eavesdrop on communications, steal data directly from the services and users, to impersonate services for users. Two out of three websites were affected by this bug.
Operation clandestine fox for Internet explorer, is a vulnerability in internet explorer which allows the attacker to get the complete information of the victim’s computer. It affected the IE version 6 and above whenever a user visited a malicious website. According to Fire eye’s security analysis forum, the vulnerabilities discovered by cyber criminals remain unknown. Since the threat caused by this bug remains unknown, hope it would have caused some serious consequences.
There was a big incident in Adobe flash last year. Successful exploitation of this vulnerability, will allow the attacker to take control of the user system who uses adobe flash, if the vulnerability was not patched. Now adobe released patch for this vulnerability only after 4 days, which made the system administrator to patch all the systems in 2 or 3 days before any attacker will exploit this vulnerability.
How to tackle these situations and achieve desktop security?
System administrators have to deal with these complex vulnerabilities and also act quickly to avoid security breach into your enterprise and ensure desktop security. With a heterogeneous platform system administrators will find it difficult to handle these vulnerabilities, adding to all these critical updates, non-critical updates and zero day updates are going to make his work an absolute headache.
System administrators are in need of a patch management software which can deal with all these complexity with at most simplicity. It has to scan and identify missing patches in your enterprise, test and deploy them automatically, help the system administrators to configure schedules for deployment of patches, disable automatic updates, exclude a group and deploy patches based upon user requirements, which will ultimately lead to better desktop security.
But will this alone help in desktop security?
System administrators has to deploy new software, deal with help desk tickets, keep a record of hardware and software that are connected to your network, troubleshoot remote systems, deal with downtime, deploy various configurations for computers and users. These are fundamental necessities for an effective desktop management and enhanced desktop security.
All system administrators can be smart: Continue reading “How important it is to keep your desktops secured and how easily it can be achieved?”