Proudly serving Virginia, Maryland and DC // Call us today! 703.396.6120
V2 SystemsV2 Systems
When You Need to Update but Can’t Afford Disruption

by Erik Briceno

We talk about the importance of updating your software all the time — whether it’s applying the dreaded Windows Update patches from Microsoft every “Patch Tuesday” or completely removing depreciated applications. It’s no secret that these updates can cause problems for some people, but unfortunately it doesn’t change the fact that these updates are imperative. How do you manage the sometimes difficult task of keeping your company running during and after applying critical updates — updates that are designed precisely for keeping things running in the first place?

 

Cybersecurity Begins With Risk Assessment

Which key systems need to be updated and upgraded — and when — are ongoing questions for managers and admins, and it can often require an experienced IT company to help you make those determinations. But you also need to know where your biggest vulnerabilities are and how those vulnerabilities could impact your business. Some systems need to be updated immediately, but not all. To complicate matters further, depending on the age of the system you’re updating, an update could potentially damage it. Your decision-making process must be inherently risk-driven — that is, you must weigh the potential cost of action versus the cost of inaction for each individual system that normally keeps your business afloat.

 

Some Things Just Can’t Be Patched

When You Need to Update but Can’t Afford DisruptionIt’s true. There are some legacy systems that businesses rely on that are so old, you simply can’t patch them safely or in any meaningful way. If nothing else though, there are important steps you can take to protect legacy infrastructure.

1. Secure Your Endpoints

The difference between endpoint security and say, antivirus software, is that endpoints bear some or all responsibility for their own security. For example, equipment such as programmable logic controllers, or PLCs, remote terminal units, or RTUs, and intelligent electronic devices, or IEDs, should be made secure by allowing only communication to reach them for which they are designed for. Filtering out any and all unnecessary traffic from the communication channel leading up to the endpoint prevents it from being exposed to an exploit or attack.

2. Secure Your Network

If you’re using a legacy device, chances are the network communication protocol it uses isn’t secure. Even if it already has a form of security, it’s likely quite old and can be easily broken by now. A good way of preventing what’s known as a “man-in-the-middle” attack, which exploits weaker versions of SSL and SSH used in the past, is by routing all communication through a VPN.

3. Remain Vigilant and Monitor Both

Once you’ve secured endpoints and their network, you must watch them both carefully. We have ways of doing that for you. New vulnerabilities and exploits are discovered daily, and your network is always going to be under constant threat whenever something newer comes along.

 

V2 Systems will work with you to help you determine where your most vulnerable areas are, what should be updated and what the potential risks are for updating — or NOT updating. By working together, we can minimize any impact to your business.

 

Since 1995, Manassas Park, VA-based V2 Systems has employed local systems administrators, network engineers, security consultants, help desk technicians and partnering companies to meet a wide range of clients’ IT needs, from research, to implementation, to maintenance. Concentrate on your VISION…We’ll handle the TECHNOLOGY!

 

ebriceno
About ebriceno
Erik Briceño is the owner of V2 Systems, Inc., one of Northern Virginia’s leading Information Technology Managed Service Providers. He is an inspiring leader for its employees and instrumental business partner for its customers. He is passionate about V2’s purpose, dedicated to exceeding expectations and a consummate professional not afraid of jumping in and getting his hands dirty. Prior to joining V2 Systems in 2002, Erik was a co-founder and COO of Ampcast.com, a leading provider of online resources servicing over 5,000 independent musical artists. At Ampcast.com, Erik spearheaded all aspects of corporate development, funding, strategic vision, and business development for the firm. From 1997 to 1999 Erik held the position of Acoustic Systems Engineer for Electric Boat Corporation, a leading defense contractor. In this role, Erik was responsible for the acoustic fidelity of two noise critical systems and components in the US Navy’s nuclear submarine systems. Erik holds a B.S. in Mechanical Engineering from Vanderbilt University and a Masters of Business Administration from George Mason University. When not working, you will find Erik a dedicated family man, raising two young children with his lovely wife Karen. Together, they enjoy building legos, playing baseball, skiing, riding horses, swimming, traveling, and fixing up old Mopars.
When You Need to Update but Can’t Afford Disruption
When You Need to Update but Can’t Afford Disruption