A key question you should be asking your team is:
Are we keeping up with Windows 10 updates?
As of today, devices with the following versions of Windows 10 ARE NOT receiving security updates:
- Windows 10 Pro (OEM) version 1803 or earlier
- Windows 10 Enterprise version 1709 or earlier
Do they realize the risk and exposure they are taking on?
Read blog: Keeping up with Windows 10
In the past few weeks, I have encountered several customers that did not realize they were not getting quality updates on end-of-life versions and needed help understanding… One customer had over 1,200 devices on Windows 10 Pro v1607 still.
If you are not familiar with the new Windows servicing cadence, where you need to stay current and up to date, then you are introducing a lot of security risk and likely compliance and governance issues.
Security risks alone are very high for unpatched software and devices. A few examples:
- The Equifax breach was traced to an unpatched Java Virtual Machine, allowing hackers to steal millions of data records.
- The SingHealth breach was traced to a workstation running a version of Microsoft Outlook that was not updated with a patch to address the use of the hacking tool.
- A Fortune 500 corporation hadn’t patched Windows to protect against the “Eternal Blue” zero-day, opening the door to a September 2018 attack that spread the crypto-mining “WannaMine” malware onto over 1,000 machines throughout the company.
Although all of the above examples are related to large organizations, the Verizon Data Breach Report shows that 43% of cyber attacks target small businesses, where 61% of small business owners handle IT themselves and 84% don’t think they are at risk of an attack.
Bottom line: Stay Current!
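One way to find the devices that fall under the two cutoffs listed above, as an added example that is not part of the original post. It assumes the `EditionID` and `ReleaseId` values under `HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion`, maps "Pro" to the `Professional` edition ID (it cannot tell OEM licensing apart), and uses a constructed inventory with made-up computer names.

```powershell
# Cutoffs as stated on this page ("as of today"); update them as servicing dates change.
$UnsupportedThrough = @{
    'Professional' = 1803   # Windows 10 Pro: version 1803 or earlier
    'Enterprise'   = 1709   # Windows 10 Enterprise: version 1709 or earlier
}

function Get-Win10ServicingStatus {
    param([string]$EditionID, [string]$ReleaseId)

    # Editions the page does not mention are reported, not guessed at.
    if (-not $UnsupportedThrough.ContainsKey($EditionID)) { return 'Unknown edition' }

    # ReleaseId is a YYMM string such as "1607"; missing or non-numeric values are flagged.
    $version = 0
    if (-not [int]::TryParse($ReleaseId, [ref]$version)) { return 'Unknown version' }

    if ($version -le $UnsupportedThrough[$EditionID]) { return 'No security updates' }
    return 'Newer than cutoff'
}

# Constructed sample inventory (hypothetical names), e.g. an export from a management tool.
$rows = @(@'
ComputerName,EditionID,ReleaseId
PC-001,Professional,1607
PC-002,Professional,1809
PC-003,Enterprise,1709
PC-004,Enterprise,1803
PC-005,Education,1803
'@ | ConvertFrom-Csv)

# On a Windows machine, add the local device from the registry.
if ($env:OS -eq 'Windows_NT') {
    $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    $rows += [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        EditionID    = $cv.EditionID
        ReleaseId    = $cv.ReleaseId
    }
}

# Classify every row and list the devices that need attention first.
$rows | Select-Object ComputerName, EditionID, ReleaseId,
    @{ Name = 'Status'; Expression = {
        Get-Win10ServicingStatus -EditionID $_.EditionID -ReleaseId $_.ReleaseId } } |
    Sort-Object Status | Format-Table -AutoSize
```

"Newer than cutoff" only means the version is past the two cutoffs on this page; it does not confirm that the release is still serviced today.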
Some useful resources