If your mobile devices are embarrassing themselves with outdated security configurations, it’s time to do something about it. Not because your fleet will never make Vogue De Rigeur (Devices Edition). It’s because outdated security configuration is nothing but a flowery welcome mat that says, “Hey, Hackers, Make Yourself At Home and Stick A Chunk Of Crypto Ransomware On Our Files ‘Cos We Want To Give You Coin and Look Dumb!”
We won’t have it. Not on our watch.
What’s Security Configuration, Anyway?
Security configuration is a combination of controls and settings that make it harder for your devices and data to be hacked, accessed by unauthorized folk, ransomed, blocked, or generally totaled.
When we call security configuration “outdated”, we’re talking about the software part of security configuration: the apps and operating systems that help your people do their work while protecting them from the nasties. Things like:
- Operating systems like macOS, iOS, Android, or Windows that keep your devices functioning.
- Specialist apps for particular work-related tasks.
- Protective stuff like antivirus and antispyware software.
Most software you use will have been developed with security in mind. Developers will throw in a whole bunch of security fun, such as using code-signed software, non-outdated libraries, and automated processes to prevent human error from creeping into their code.
Why You Need to Make Sure Software Is Updated
Here’s the downer: just like us telling you how mobile device management will make you feel whole again, software gets old. And here’s the deal: even brand-new software hot and fresh from the developer’s oven isn’t fully cooked. There are always bugs to be fixed, weird-ass code to be reviewed, and, yes, security features to be updated, upgraded, and developed. That’s because all those pesky cyber criminals are continually prodding around for security vulnerabilities and evolving brand new cyber threats to fit them. The nerve!
That’s why software updates are important – they fix new or evolving vulnerabilities in the software that you use every day. Without those magical updates, you’ve created a hole in your security barriers big enough for an overlarge nesting groundhog.
OK, So What Do I Do About Outdated Security Configurations?
Making sure that your fleet is always up to date with the latest security patches and configurations should always be at the top of your Gotta Do This Now list. Here are three things you can do about outdated security configurations.
Get Yourself Some Sweet, Sweet MDM
Mobile device management (MDM) gives you the information and control you need to get much of your software security configuration sorted. Gaze in wonder upon the centralized real-time IT asset register that MDM bestows upon you and you’ll see it’s a mystical union of:
- A bird’s eye overview of all your devices.
- A mouse’s eye detailed view of each device and what it’s doing.
It’ll tell you:
- What software is installed and/or accessed by each device enrolled.
- The version of that software.
- Whether an update for that software is available. HINT: If there’s an update available, you’ve spotted an outdated configuration. Well done, you!
- What security software your fleet has (or doesn’t have). This shows up any devices that are running prehistoric antivirus software or none at all.
The beauty of MDM, of course, is that you have the godlike capability of pushing software updates to those devices.
So, now you’ve updated your fleet’s software and ensured that antivirus software is installed on anything that can’t run away. Can you sit back with a mochaccino (extra soy) and think about WhatsApping your high school crush? Don’t be silly. That’s weird, and also you still have stuff to do.
Decide Your Policy on Obsolete Devices
Obsolete devices are a security risk. There, we said it. Maybe you love your old iPhone 6. We feel you, but Apple gave up with it on iOS 12.5.6 and now you’re stuck with an unpatched operating system and an easy win for even the dumbest of crypto criminals. Upgrading a ton of devices is expensive, but so is a data breach and loss of reputation. That’s a great business case for your money people right there.
Think About Using the Cloud More
If you’re not already there, moving business operations to the cloud can help keep your security correctly configured more quickly and thoroughly, mainly because the cloud service people are doing the updating for you. They’re also creating guardrails, which are automated mechanisms configured to enforce security protocols and policies. Often you’ll need to configure these as well as other built-in security controls. (Scared? We’ll do it for you).
We Need to Talk About BYOD
BYOD isn’t like the other girls, because that device ain’t yours, baby. You have less control, and that means security options are weaker. Dry your eyes because you can still configure Some Security Things, including:
- Conditional access: Your team can’t use their personal devices for work unless their devices are up to corporate security standards. They’ll be guided to updating their OS, updating apps, installing antivirus software, and enabling cloud SSO.
- Upgrading your MDM policy: “Dear team, if you use your personal device for work, you’re accepting all these security requirements. So there.”
- Mobile application management: This creates a repository of authorized apps, corporate files, and data wrapped up in its own protected metaphorical box on a personal device and applies security requirements to everything inside that box. It also protects files from being copied.
We’re not saying you should do something about outdated security configuration, but that’s exactly what we’re saying. Even a few minutes of focus can give you an easy win – after all, it’s not hard to tap that annoying “update now” button. But there’s a bit more to it than that, so we’d love to show you how we can sort you out good and proper. Call us, we’re waiting and eager to help…
Ignition is Silicon Valley’s best (and friendliest) IT security, compliance, and support team. Call us now–chatting about IT support and cybersecurity is our favorite thing to do!