Your business’ endpoints are the doorways through which your employees access sensitive corporate data. And in today’s hybrid-remote workplace, it can be a challenge to monitor and secure those endpoints—particularly when users are working from their own personal devices or connecting those devices to your company network via an unsecured internet connection.
One of the simplest ways to protect your users’ endpoints is by making sure that you keep on top of the patches and updates rolled out for each machine, and the software installed on that machine. A massive 80% of successful breaches are unknown zero-day attacks, and this kind of attack often involves the exploitation of undisclosed vulnerabilities.
But patching vulnerabilities can be a tedious, time-consuming task—one which only becomes more complex as you factor in the addition of IoT and BYOD machines to your device fleet. On average, it takes 97 days to apply, test and deploy a patch—that’s 97 days that a cybercriminal could use to infiltrate your network undetected.
But patching doesn’t have to be such a chore. To find out more about how organizations can make their patching process more efficient, we spoke to Adam Hofeler, Senior Director at Automox. Hofeler worked for 15 years in the data storage and infrastructure space, before moving into the security space around 10 years ago. Hofeler spent time at Palo Alto and IRONSCALES before joining Automox, where he now focuses on Partners, Alliances and their MSP go-to-market strategy.
Founded in 2015, Automox is a patch management automation platform that enables organizations of all sizes—from SMBs right through to Fortune 500 enterprises—to centralize and consolidate their patch management processes. With Automox’s cloud-native architecture, businesses can secure their on-premises, remote and hybrid endpoints against new and unknown zero-day malware threats via a single, holistic platform.
Businesses Are Struggling With Patch Management
A vulnerability patch, or “bug fix”, is a series of changes designed to update, improve or fix a computer program. Patch management is the process of monitoring machines and the software installed on them for vulnerabilities, while making sure that patches are applied in a timely manner to avoid the risk of those vulnerabilities being exploited by a cybercriminal.
“We see or hear about breaches all the time,” says Hofeler. “It’s either in the newspaper or online, or you get an email notification that says, ‘We’ve been breached.’ And, a lot of the time, it’s because the versions that company is running on had a bug, and bad actors have exploited it.”
The cost of a successful endpoint breach—which rose in the last year from 7.1 million dollars to 8.94 million—can be devastating, particularly for small- to medium-sized businesses that may not have the financial resource to recover from such an attack. Yet organizations of all sizes are still struggling to keep up with their patches. In fact, across all managed enterprise Android devices, only 21.2% of updates are implemented immediately; 18.2% are deferred, 12.2% are windowed, and 48.5% aren’t managed at all. That leaves 48.5% of those devices vulnerable to an attack—and that’s without taking into account personal or BYOD devices, which are twice as likely to become infected with malware as their corporate counterparts.
One of the biggest challenges preventing security teams from keeping on top of their patches is visibility, says Hofeler.
“You need visibility into what version everyone is working on,” he explains. “If you’ve got someone who’s running on an older operating system, and you don’t know it, that vulnerability is going to pose security challenges down the line.”
Another challenge is managing different operating systems within one environment, he adds—something that legacy patch management solutions often struggle to provide support for.
“A technology might deal with Windows operating systems very well, but struggle with Mac or Linux, or even third parties. And that’s a big problem, because you might have different user interfaces for the various operating systems, which don’t talk to one another.”
This makes it much more time-consuming to monitor and manage patches and updates, because the process of syncing data across different operating systems must be done manually. And if you don’t have a robust IT or SecOps team with the resource to dedicate to that, you can quickly fall behind on rolling out updates.
From Remote Work To A Hybrid Office: The Challenges
18 months ago, the COVID-19 pandemic caused many organizations around the world to make the switch to remote working. The speed of the transition meant that, in many cases, businesses were sacrificing security for productivity. However, as the world grew accustomed to the remote workplace, businesses were able to retroactively build and implement more robust infrastructures to secure their remote workforces.
And now, just as they’ve achieved this, organizations are facing another huge shift: the hybrid migration back to the office.
“You’re going to have some users that are remote, some that are on-prem, and some that are a mixture of the two,” says Hofeler. This makes it much more difficult for security teams to obtain that crucial visibility into how software is being used. It also means that users may be working across a wider range of devices, choosing to leave corporate machines in the office and signing in from personal ones when at home—thus widening the landscape of potential vulnerabilities to be exploited.
Because of this, it’s going to become increasingly challenging for organizations to keep on top of their patches manually. That’s where Automox comes in.
Patch Management For The Modern Workplace: Automox’s Solution
To combat the challenges associated with patch management, Automox have designed their solution to provide unparalleled visibility into software vulnerabilities across an entire environment, via one platform.
“Our solution is all cloud-based,” says Hofeler. “We replace all the on-prem tools that require a VPN, which aren’t always able to scale to cover remote users. Being cloud-native allows us to offer much better scalability, and it enables us to span our configuration management across all your devices and applications, which is unique.
“So, regardless of whether you have remote, hybrid or on-prem devices, or what operating system those devices are running on—we bring all of that data into one consolidated user interface.
“This provides full visibility into the software running in your environment and all of the versions. We automate the deployment of scripts at scale to install or even uninstall software, and we help enforce configurations.
“We give the keys to the kingdom to organizations to be able to manage their third-party applications.”
Patching Doesn’t Have To Be A Struggle
When it comes to protecting their endpoints, an alarming number of organizations are leaving too much to chance—especially SMBs, who may not think themselves a likely target for a cyberattack. Today, one third of small businesses in the US and UK use free, consumer-grade security products; 23% don’t use any endpoint security at all. Yet this mindset may be the very reason why SMBs are just as likely to fall victim to a cyberattack as large enterprises: they become “low hanging fruit” for criminals wanting to make a quick buck.
So, it’s important that businesses of all sizes take steps to secure their organization’s endpoints. And the best way to do that, says Hofeler, is to work with security providers that make it their job to help keep your company’s data safe.
“Patch management is something organizations shouldn’t take lightly. We hear about breaches caused by old or outdated versions all the time,” says Hofeler.
“But patch management can take a lot of time, and people have struggled with it in the past. So, we’re introducing a new, innovative way to do it.
“It’s something that can help almost all organizations to automate that process of patch management, to become a little bit more efficient and a lot more secure.”
Thank you to Adam Hofeler for taking part in this interview. You can find out more about Automox and their vulnerability management platform at their website and via their LinkedIn profile.