Our storage for backup is provided by Amazon Web Services. It is reliable and inexpensive. We charge $0.10 per GB per month. If you use less than 10 GB, we usually include it in the backup plan. Please understand that if you have 10 GB of data to backup, it may take more than 10 GB on the cloud because we will store multiple versions in case you need an older version of the file restored.

One of the most important safeguards you can take is to back up your data. Our backup plans are very reasonable and cheap insurance against data loss. Starting with basic PC data backups at $5.00 a month to full server image backups for $20.00 plus cloud storage. Here are some options, prices, and links to more details.

If you have Windows computers running less than 11 or server running less than 2019, don’t bother calling unless it is to determine if upgrading or replacing is an option.

Third-Party Patching: Everything You Need to Know

Timely deployment of patches is critical for maintaining the security of your IT systems. Through efficient patch management, you can regularly deploy software patches and keep your IT infrastructure up to date. While most remote monitoring and management (RMM)/ endpoint management solutions feature patch management functionality, third-party patching is a key component that shouldn’t be overlooked.

What is third-party patching and why is it important? Keep reading to find out!

What are Third-Party Applications?

A third-party application is software created by a company other than the original manufacturer of the device on which the application running or the operating system (OS) that supports it.

For example, Adobe Acrobat Reader is a third-party app that is available for both Microsoft Windows and macOS.

Commonly Used Third-Party Applications

Some of the most commonly used third-party applications include Adobe Acrobat Reader DC, Adobe Photoshop, Google Chrome, Google Drive, WinZip, TeamViewer, Evernote, LibreOffice, and Cisco Systems Webex Productivity Tools. Each of these third-party apps are used every day by businesses for their day-to-day operations.

For example, WinZip is a popular third-party app used for compression, sharing, encryption and backing up files. Adobe Acrobat Reader DC is used to view, open, print, sign, search, annotate and share PDF files. Businesses also frequently make use of the file storage and synchronization service offered by Google Drive.

What is Third-Party Patching?

Third-party patching or third-party patch management, is essentially the process of deploying patch updates to third-party applications that have been installed on one or more of your endpoints (e.g., servers, desktops, or laptops). Third-party patching addresses bugs or vulnerabilities in the software that either affect its function or security. Patching software vulnerabilities is a critical part of your overall IT security process that helps prevent exploitation by hackers.

Endpoint management tools also perform patch management for operating systems including Windows, Windows Server and macOS to keep them up to date and protected against cyberattacks.

What is an Application Patch?

An application patch is a version of the software that has been designed to fix a vulnerability or bug in the application. As noted above, patches may address functional bugs or security vulnerabilities.

What is the Difference Between a Patch and an Update?

It is not uncommon for people to confuse patches with updates, although they differ from each other, with each serving a unique purpose. Updates are designed for software enhancement and are focused on adding new or upgraded features and functionalities to an existing program.

On the other hand, patches are specifically designed to fix security vulnerabilities or bugs in the software to improve its usability/performance, minimize the attack surface (by remediating software vulnerabilities) and protect the system against potential cyberattacks.

Why is Third-Party Patching Important?

Cyberattacks are a major threat to the productivity and sustainability of any organization. While many organizations maintain proactive efforts at patching their OS software, they often fail to follow the same discipline in keeping their third-party software patched and up to date.

From small businesses to large enterprises, all companies leverage a variety of third-party software in their daily operations. In recent years, third-party applications have become the primary attack vector for a variety of cyberattacks, such as malware. In the 2020 Verizon Data Breach Investigations Report, about 6 percent of security breaches (not attacks, actual breaches) involved exploits of software vulnerabilities. As such, it is imperative for businesses to proactively embrace third-party patching to minimize the attack surface for cybercriminals.

Dangers of Neglecting Third-Party Application Patches

The consequences of delaying or ignoring third-party patching can be disastrous for any organization. There were more than 18,000 publicly disclosed software vulnerabilities 2020 and more than 4,300 of them were rated critical. Unpatched critical vulnerabilities in third-party applications are a gateway for cybercriminals to enter the corporate network and wreak havoc on the business.

Every time you don’t deploy the patches released by vendors to fix application security bugs, you are exposing your systems to potential cyberattacks. The infamous ransomware attack Bad Rabbit, which first appeared in 2017, was disguised as an Adobe Flash installer (a third-party app) and spread via drive-by downloads on compromised websites.

Third-party applications, such as Mozilla Firefox and Adobe Reader, have recently emerged as being responsible for a steady upward trend in the number of vulnerabilities that continue to affect users around the world.

Automating the patch management process enables you to avoid the disastrous impacts of serious yet preventable cyberattacks.

How Often Should You Perform Third-Party Patch Management?

Unlike Microsoft, which sticks to a regular patch release schedule, most third-party vendors do not follow a specific frequency for releasing patches. Third-party vendors usually roll out security patches as and when a bug or vulnerability is detected and they need to fix it.

The sheer volume of third-party apps organizations use on an everyday basis makes it next to impossible to manually keep track of all of the relevant patches.

Given that third-party patching (like OS patching) is critical for keeping your organization secure, it only makes sense to automate it. Automating third-party patching ensures that patches for third-party software are automatically deployed within a short time of their release. Generally, you should try to apply patches within 15 to 30 days of availability. For critical vulnerabilities, the sooner the better, of course.

Automated Third-Party Patching

Automating the process of third-party patching ensures that all patches are deployed on time and according to your company’s security policies. Needless to say, automated third-party patching not only helps keep your IT infrastructure secure and up to date but also saves you the headache of performing manual patching.

There are patch management tools for third-party patching that regularly scan third-party software for patch updates and deploy them as soon as they are released by the vendor. Once the patches are installed, the third-party patch management solution documents the process in the form of reports and logs for future reference.

Benefits of Automated Third-Party Patching

Automating third-party patching helps you stay on top of your software patch updates and frees up time for your technicians to focus on more strategic and revenue-generating projects.

Some of the other important benefits of automated third-party patching are:

• Automated Gathering & Deployment: One of the most attractive benefits is that it saves your technicians the cumbersome task of manually searching for and deploying patches for numerous third-party applications that you use every day.
• Consolidated Management & Reporting: Deploying an automated third-party patch management solution enables you to view all the installed patches on a single dashboard and document reports on what patches have been deployed and what issues have been addressed.
• Maintain Security & Compliance: Automating third-party patching ensures timely and consistent installation of patches that not only helps reinforce your cybersecurity posture but also keeps your business compliant with industry regulations.

Operating system (OS) patching is one of the most important defenses in protecting digital systems from vulnerabilities and preserving the integrity, security, and optimal performance of both Linux and Windows environments. Keeping operating system up to date with at least security patches is a must. My base O/S patching is an option with the monitoring. It provides patching on a schedule determined by your schedule. For most clients this is daily early in the morning when you are not using your computer. If you are one of those clients that this is inconvenient for, I can adjust the schedule to less frequent and on another time. Below is some information about what and why this is so important. If you have any questions, call me.

What is OS patching? 

OS patching is the practice of applying software patches to the operating systems installed in your environment to ensure they remain safe, secure, and protected from external threats. The IT landscape is changing. BYOD, OS diversity, and even end users accessing corporate systems via public networks all present challenges for IT departments trying to keep track of increasingly complex infrastructure and dependencies. With increased complexity comes an increased risk of cyber threats that the service ecosystem could be exposed to, as well as keeping track of new OS patch releases from vendors and suppliers. With those challenges in mind, staying current with cross-platform patch management and building a robust approach to patching have never been more relevant.

Why is OS patching important? 

Done well, OS patching can be the difference between a well-supported environment and one that is susceptible to unplanned downtime and performance issues. Here are some of the critical benefits of a robust approach to OS patching:

• Compliance:Many organizations now have regulatory requirements or insurance directives mandating a regular patching regime. Non-compliance can lead to severe penalties. 
• Availability: Keeping your systems’ patches will prevent extended downtime due to security threats and remedial maintenance/emergency patch activity.
• Performance: Devices can crash due to software defects, so keeping your services patched means they are updated with the latest bug fixes and are more secure. 
• Security: A common cause of network security breaches is missing patches in operating systems. Having a regular patch schedule means installing updates promptly, reducing the opportunity for data loss and damage to your infrastructure. 
• New features: Patches are not always about protection from malware or fixing bugs. Sometimes patches can include new features that can give you greater functionality.

Common challenges, and how to address them

Here are some of the most common patching challenges and how to handle them:

Challenge	Possible Solution
No appetite for maintenance windows	It is not always easy to justify regular downtime for maintenance, especially as many organizations are feeling the pinch in a post-pandemic economy. Remember longer downtime following a virus, cyber-attack, or ransomware incident. Work with your team to agree on a maintenance window acceptable to all users.
Keeping track of OS patches from different vendors	Understanding what patches are outstanding is a crucial activity to be able to prioritize support activity.

Dos and Don’ts of OS patching

Are you inspired to sort out your OS patching process once and for all? Here are some tips for getting started.

• Enable automatic software downloads whenever possible to ensure critical updates are installed as quickly as possible.
• Don’t use unsupported or EOL (end-of-life software).
• Do use secure vendor servers for patches and software updates.
• Don’t install patches from unknown links or ad content.
• Do communicate patch windows beforehand and agree to any potential downtime with the rest of the business.
• Don’t download software updates to devices while on untrusted networks.
• Do prioritize systems for patching so you know which have the highest risk or are most sensitive to the organization. 
• Don’t try and patch everything. Not all vulnerabilities will be exploitable in your environment, so check if the patch is needed first.
• Do apply patches as soon as possible (once you have confirmed they are needed). Deploy operating system patches immediately when they are released since they can have severe and widespread effects.
• Do build in some flexibility by using pull-based deployment mechanisms to enable the end user to schedule the patch at a convenient time. 
• Don’t allow people to put off updates indefinitely. Have something in place so that after a pre-registered amount of time, pull reverts to push so your users and their systems are protected. 
• Do regularly scan and audit your environment to ensure any vulnerabilities can be flagged and acted upon. 
• Do create patching procedures for routine and emergency patches so that urgent patches can be deployed quickly to mitigate organizational risk. 
• Do understand each vendor’s release schedule for patches and updates so that you can plan and schedule maintenance work accordingly.

To help protect from malicious websites, we recommend DNS filtering by Webroot.

The next generation of endpoint protection. It does not routinely scan for known viruses and malware but monitors and logs computer activity looking for suspicious behavior. If bad behavior is detected, recovery options include killing the process, quarantine the file, roll back any changes the process made.

For the best protection, I recommend combining Sentinel One and Webroot.