The number of reported security vulnerabilities in 2013 continued to increase compared to 2012. Vulnerabilities have been on the rise, increasing constantly since 2011. High-severity vulnerabilities increased by 16 percent from 2012.
GFI LanGuard 2014 R2 is a network vulnerability scanner, patch management, and network auditing tool. There are currently over 1,500,000 nodes with LanGuard deployed. In this article I will answer some of the most frequent questions I receive about licensing GFI LanGuard.
Recently, a small bank in Wyoming with a 1-man IT department contracted a nasty computer virus that their antivirus did not catch. The virus caused a huge loss in production and new business.
Because their Big Name antivirus failed to detect the virus, the bank began looking for an alternative. How did this happen? Because today computer crackers (The Bad Guys) are exploiting third-party applications such as Java or Adobe Flash. Also, there may be machines on the network with outdated antivirus definitions.
You would think that with things like automatic updates, applications that can automatically patch themselves, and the constant media attention towards security, hackers would be a dying breed, bereft of targets which they can exploit. Unfortunately, poor patch management practices across the board mean that the ever-growing number of connected devices is providing hackers with an endless supply of fresh victims.
Patching is not something that the IT department really enjoys doing. It is complicated and ongoing. It takes forever and it doesn’t add any actual business value.
Meanwhile you have myriad systems to patch, and endless patches to test and then install. Then you have to do it all over again. And again. And again.
No wonder a recent study by the UK-based Federation of Small Business shows that little more than a third (36%) of small shops patch regularly. Then these shops wonder why they got compromised, or blame their software vendors, especially Microsoft® – a common security punching bag!
Patching, well, patching properly, solves the majority of security problems. In fact 90% of successful exploits are against unpatched systems.
Even environments that should presumably be highly secure too often fail to patch. Last year an audit at the U.S. Department of Energy found that some 60% of their desktops lacked important patches.
Managing and administering software updates remains one of the most challenging and resource-intensive tasks an IT Department undertakes on a daily basis.
While software updates serve many important roles, be it delivering feature improvements or fixing bugs and security vulnerabilities, they bring with them a number of potential challenges for the IT Department: ensuring that systems are up-to-date, that new problems are not introduced by patches designed to fix things, and that updates do not create compatibility or instability issues. All this needs to be done while ensuring that updates are pushed to PCs as quickly as possible to prevent vulnerabilities being exploited. The constantly evolving software landscape makes patch management an important consideration for all IT decision makers, regardless of organization size.
The Payment Card Industry Data Security Standard (PCI DSS) is a set of specific security standards developed by the payment brands to help promote the adoption of consistent data security measures that are needed to protect sensitive payment card information.