Operating System Updates: More than just an annoying reboot

Let's talk about operating system updates. Yes, they're often as exciting as watching paint dry, but they're really crucial.

Remember our chat about app updates? Well, OS updates are like that, but on steroids and there's a few main differences to consider.

Keys to the castle:
A vulnerability in the operating system can be much more severe because there is potential that it then gives an attacker access to ALL the apps that you're using regardless of their individual security strength.

Patch issues: 
Unfortunately, if you're on the ball and update your Operating System quickly, it could mean compatibility issues with your apps too. Tricky!

"Server in the Closet" Syndrome:
You know that server humming away in the back room? The one nobody wants to touch because "it's working fine"? If it's not updated regularly, they can be like all-you-can-eat buffets for hackers. The very nature of servers is that they often hold huge quantities of your business data that you really, really don't want someone poking around on.

The Downtime Dilemma:
Updating an OS often means rebooting and can mean a service outage occurs, even if only for a few minutes. For some businesses, that's like trying to change a car's tyres while it's still moving. It requires planning and maybe some late nights for your IT team to orchestrate this well.

Old apps might never be compatible with the update: 
You probably know this app. It's the app that was made perfectly to suit your industry 15 years ago. You've got huge amounts of data in it and all your team members are very well trained in using it. But, the company developing it has since closed down and have said they will no longer update it to keep it compatible with newer operating systems. This means you have an application that can be undoing the security efforts of both the Operating System AND other apps you're running that are secure! There are strategies to deal with this frequent scenario, but it does throw a spanner in the works.

 So, what can you do? 

1. Know Your Systems: Make a list (or preferably use software to track this) of every device and its OS version. Yes, even that old laptop in the conference room that nobody uses unless another computer is broken.
2. Set Up a Test Lab: Before unleashing an update on your whole business, test it on a few non-critical systems. Think of it as a dress rehearsal for your digital performance. There are ways to do this without buying expensive extra hardware, it just takes a bit of work to set this up.
3. Schedule It: Set a regular time for updates. Maybe it's every second Tuesday night (not Friday afternoon!). Better still, gradually roll out updates across the week to different machines so that you can roll it back if it doesn't go well.
4. Backup, Backup, Backup: Before any major update, back up your stuff. It's like having a reserve parachute - you hope you won't need it, but you'll be glad it's there if you do.
5. Have an "Undo" Button: Know how to rollback an update if things go pear-shaped. It's your get-out-of-jail-free card.

Now, about those Essential 8 Maturity Levels:

To hit Level 1, you need to patch your OS within a month and ditch any systems running unsupported versions. It's the bare minimum, like putting on pants before leaving the house.

But here's where it gets interesting: Levels 2 and 3 ask you to patch critical updates (ie when they know there's something seriously wrong with the OS) within 48 hours and use vulnerability scanners to alert on this. It sounds hardcore, but with the right tools, it's not much harder than Level 1.

Level 3 also says to use only the latest or previous OS version. With the exception scenarios where you can't update, then if you have level 2 then you're pretty much on level 3.

Remember, your OS is the bouncer at the door of your digital nightclub. Keep it buff, alert, and up-to-date, and it'll keep the riffraff out.

Keep it updated, folks. Your future self will thank you.

Want to Know More?

Click the links below to read other posts in our Essential 8 series

1. Patch Applications: Keep your software up-to-date to fix those pesky security holes.
2. Patch Operating Systems: Same deal, but for your computers' core operating system.
3. Configure Microsoft Office Macro Settings: Stop nasty code hiding in seemingly innocent documents.
4. User Application Hardening: Lock down your everyday software to make it harder for the bad guys.
5. Restrict Administrative Privileges: Not everyone needs the keys to the kingdom.
6. Multi-factor Authentication: Add an extra layer of security beyond just passwords.
7. Regular Backups: Because sometimes, you need a plan B (or C, or D).
8. Application Control: Only run the software you trust.