Feb 28 2017

When Old Software Programs Lead to New Problems for Feds

Loopholes in software that has not been updated can lead to gaps in agencies' cybersecurity protections.

As a new administration looks to make its mark, the impulse is to watch for seismic changes and major feats.

But IT victories are only possible when a series of little things go right, either through the enterprise of employees or thanks to the assistance of well-managed technology. After all, sometimes the biggest problems stem from the smallest details.

Think about software updates. Not long ago users clicked through a series of windows to manually download the latest patches. In recent years, of course, developers have made that necessary chore easier. Today’s software often includes automatic updates, in which a program instantly downloads fixes and installs them almost immediately upon their release.

Still, sometimes old programs leave new holes for hackers to exploit. Conventional wisdom holds that about a quarter of all software is rarely used. What if a user or system administrator doesn’t uninstall an old program or stay up to date with patches? What happens when human error means little things lead to big problems? The devil lies in the details.

Keep Software Updated to Avoid Vulnerabilities 

In January, Microsoft announced on its threat research and response blog that “a significant number of machines” are potentially vulnerable to cyberattacks because they run unpatched software.

“Keeping browsers and other software up to date can counter the impact of exploit kits,” which are run with the explicit purpose of identifying software vulnerabilities, the blog reads.

This speaks to the importance of software asset management. Many such tools allow federal agencies to examine all versions of a program running across a network, and whether the proper software patches have been applied. In short, they ensure agencies take the proper precautions, a practice with an appropriately mundane name: cyber­hygiene. Readers can learn about the steps agencies are taking to better manage software licenses and save money by checking out, "How NASA Saved $100 Million on Software Licenses."

Similarly, cybersecurity is a top IT issue for the White House. Protection requires every little thing to go right, and offers no wiggle room. But feds can solve the problem with improved training, the right software and remaining focused on little things. How are you solving these challenges? Let us know how we can help.

Wavebreakmedia Ltd/ThinkStock

aaa 1