April | 2023

What Does "End of Support" Mean?

• No Updates will be developed or released after the end of support.
• No Compliance with most industry wide compliance standards and regulations.
• No Safe Haven  All physical and virtualized instances of Server 2012(R2) will be vulnerable to security threats.

What Should I Be Doing?

• Start planning your migration NOW.
• Determine how many instances of Server 2012(R2) are being utilized in your current network setup.
• Assess the upgrade path for applications that currently run on these operating systems.
• Allocate resources and budget for necessary hardware upgrades to transition to a newer version.

The good news is we are still six months away from the end of support date, but it's important to start preparing now. Databranch has successfully migrated numerous clients and our team is excited to work with you to create a migration plan for your organization!

Benjamin Franklin once said, “An ounce of prevention is worth a pound of cure.” This age-old advice is easily applied to the digital world we live in today.

Computers, applications, and networks are under constant attack by hackers who are extremely motivated by big financial gains.

An effective patch and vulnerability management program has the ability to stop most hackers' dead in their tracks. It greatly reduces the risk associated with the exploitation of a neglected or unpatched computer system.

Year after year, we learn that the vast majority of successful cyber-attacks have exploited unpatched computers and / or unpatched applications. What is even more interesting is that most of the patches for these compromised systems had been available to install for months, if not years prior to the cyber-attack.

There is no doubt that the combination of routine vulnerability scanning and the timely installation of system patches will make it much more difficult for a hacker to compromise your computer systems and information.

7 Steps to Build an Effective Patch and Vulnerability Management Program

1. Inventory Systems and Applications

Before we attempt to patch computers, operating systems, and applications, we first must know of their existence. It is important to maintain an inventory of all computing assets.

If possible, use inventory software to assist with the task but at the least, make sure the inventory is completed using manual means.

2. Monitor for Vulnerabilities

Vendors will release patches at regular intervals as new vulnerabilities are discovered.

You must know when new patches are available to install otherwise, you risk not installing patches in a timely manner – or installing them at all.

Good mechanisms to use for monitoring vulnerabilities include a combination of:

1. Checking the vendor website and subscribing to mailing list
2. Regular vulnerability scanning
3. Checking vulnerability databases, such as the National Vulnerability Database
4. Relying on an enterprise patch management tool.

Request your free Baseline Security Assessment here!

3. Selecting Patches to Apply

Deciding which patches are ultimately installed is typically based on the criticality of the patch, importance of the system being patched, the resources required to install the patch and assurance of post install system functionality.

It is good practice to, at a minimum, install all “Critical” and “Security” patches.

4. Testing

Prior to installing patches, it is important to install patches in a test or non-production computing environment.

This will ensure that the installation of the patch will not cause any adverse outages or system disruption when it is ultimately installed in a production computer environment.

5. Verify Backup

Despite the testing efforts completed in the previous section, it is still conceivable that the installation of a patch will create unanticipated issues or outages.

For this reason, it is important that you verify the system or application being patched has recent data backup that can easily be restored if needed.

Does your company need a backup solution? Our Datto devices utilize a reliable data backup redundancy solution by storing your critical business data onto your local Datto device as well as 2 offsite cloud storages.

Datto even includes ransomware detection by running analytics to compare the two most recent backup snapshots to identify ransomware footprints.

You can visit our website here to learn more about our data backup and recovery solutions.

6. Automate Patching

The National Institute of Standards and Technology (NIST) recommends that patch installation should be automated using enterprise patch management tools or alternative options.

Manually installing patches is expensive and inconsistent. Where possible, be sure that systems are automatically updated according to your patch management program parameters.

7. Verify Installation

The installation of a patch should always be confirmed by either re-scanning the system with a vulnerability scanner and / or reviewing log files.

Patching Equals Prevention 

All Databranch Comprehensive Care and Foundation Security clients have scheduled automatic patching and Windows updates on their devices. To learn more about how we can help take this off your IT plate, call 716-373-4467 x 115 or email info@databranch.com.

Article used with permission from The Technology Press.

Technology Trivia

What material was the first computer mouse made of?

The first person to email us at info@databranch.com and give a correct answer gets a $25 Amazon Gift Card!

Need a Laugh?

Why do Java developers wear glasses?

Because they don't C#!