Martin Søndergaard, CTO

Windows security: Let me start by drawing a picture for you…

Carsten from IT suddenly comes rushing in during the planning of next year’s development projects.

“Turn the computer off! Turn the computer off!!” he shouts and charges across to the open laptop on the table. Turn your computers off, we are under attack!”

His eyes are filled with panic. Out on the corridor you can hear other IT colleagues in the other rooms. All with the same message: “SWITCH OFF!”

Although this sounds like a scene from a film, the picture is not very different from what happened at Mærsk Olie & Gas, when the “NotPetya” attack struck the billion-strong enterprise in 2017.

Windows security update now! The threat is continuously growing

You may also remember the characteristic name of the ransomware WannaCry? The security breach that the malicious worm used had actually been closed two months before the worldwide attack – if, that is, one had updated one’s Windows system.

Many had not.

It is entirely clear, in my view: there is no reason to expect that the threat from hackers will become less in 2020, even though the two examples above are from 2017.

To give you an idea of the scale of the attack (and yes, you should be terrified), I have found a couple of statistics:

  • There are on average 2,244 hacker attacks per day across the world. That is one every 39 seconds.
  • On average, a ransomware attack costs companies almost DKK 900,000.
  • On average, every employee has access to 17 million files.
  • 82% of employees consider that they lack cyber-security training.

Can you see where I’m going?

Yes, correct. As an IT manager, you have a huge responsibility for your company and your colleagues to be geared up for the battle against hackers, and one of the most important tasks that you have is to ensure that all machines with online access are updated.

The greatest challenge for Windows security updating: everyday life

If you have broadly kept up with developments over the last couple of years, the statistics above will not come as a surprise. You will certainly also know that system updates are the crucial tools for maintaining a strong IT defence.

The big question is this: how do you get the staff to carry out the updates?

Because the timing of updates is always bad. One is always in the middle of one thing or another. In the middle of a presentation, in the middle of an important task or in the middle of a fantastic 5-minute video of a drummer pounding out an Earth, Wind and Fire number which Jan-Erik from over in production has just sent.

Nevertheless, you have to set deadlines for when a system update must have been carried out. Typically, we recommend that you give staff between 14 days and a month to carry out the updates.

This gives them time to fit them into their calendars, and if you warn and inform them on updates in good time, your colleagues will also not feel quite so irritated by needing to click on “Update now”.

Update wisely: choose IT-savvy front-runners

You won’t get around the fact that all the machines in your business need to be updated to the latest systems if you want to keep the defences up against the threats from the internet.

Nevertheless, it is often wisest to update the individual machines in a strictly prioritised sequence. This because timing may not be the only challenge if you have to update 1,000 computers.

Risk of system paralysis

You may hit other parts of your IT infrastructure with large system updates. You risk that programmes which previously worked perfectly are suddenly unable to talk to each other.

If you roll out a Windows update to all 1,000 users at once, you risk paralysing large parts of the operation, with major costs as a result.

In order to anticipate any problems before an unintended bug is pushed out to all your colleagues, we always recommend carrying out Windows updates in the following sequence:

  1. Computers in the IT department
  2. Staff computers in non-critical parts of the business
  3. Staff computers in the rest of the organisation
  4. Computers in any production machines that are critical for the business.

When you follow this sequence, you ensure that the mistakes and problems that an update may generate are spotted before they hit vital parts of the business.

Let your IT people catch the problems

By starting the updates in the IT department, you also ensure that it is the most IT-savvy staff who are first confronted with any challenges that the updates may bring. Your IT department thus has the opportunity to correct the faults and put the affected systems right before the updates affect the rest of the organisation, in order in this way to avoid both production losses and unnecessary irritation for your colleagues about the system updates.

Although it may sound strange, the second point may in fact be more important than the first. If you irritate your colleagues with the updates, this may be the exact reason why they press “Postpone update” next time you send a Windows update in circulation.

It is here that the danger is found, since with 2,244 attacks a day, the next WannaCry is just around the corner, and suddenly you will become Carsten, running into the meeting room with warning shouts.


Download the free Whitepaper

 

"From operations to strategy"

 

You’re very likely facing this every day—a requirement for increased automation throughout the organization in order to raise competitiveness and also increase user satisfaction. That’s a difficult balancing act, and only few people succeed.

 

Download the free Whitepaper from CapaSystems and read more...

Thank you for signing up. You will receive a link to our free Whitepaper in your inbox.

Download the free Whitepaper regarding Digital Employee Analytics

 

"Employees are (also) the real success factor in the digital era"

 

In today’s digital world, employees build their careers on the ever-changing opportunities presented to them. So, competitiveness requires more from companies than ever before — you need to present your corporation as attractive as possible to existing as well as future employees.

Therefore, you need to incorporate the Employee Experience, which includes all aspects of the relation between the employee and the employer.

 

Download the free Whitepaper from CapaSystems and read more...

Thank you for signing up. You will receive a link to our free Whitepaper in your inbox.

Download the free Whitepaper

 

"How to select the right software provider"

 

Software providers abound, and very likely they will call you again and again wanting to present their solutions.

CapaSystems has made a brief guide with concrete advice on what you need to be aware of when you contemplate switching software providers or wish to integrate a new system in your organization.

 

Download the free Whitepaper from CapaSystems and read more...

Thank you for signing up. You will receive a link to our free Whitepaper in your inbox.

Download a free Whitepaper regarding the CIOs role in the future

 

"CIO as business developer"

 

It is crucial that businesses’ CIOs are able to identify, select and evaluate the IT services that provide maximum insight and increase growth and productivity. That requires tools that provide up-to-date operational insight into services’ functionality and stability.

 

Download the free Whitepaper from CapaSystems and read more...

Thank you for signing up. You will receive a link to our free Whitepaper in your inbox.

User Experience

Download free whitepaper regarding performance issues and end user simulation

 

"Solve your performance issues with end user simulation"

 

A recent study showed that Danish employees waste an average of 144 hours a year on slow computers. To a company of 500 employees, that is hundreds of thousands of Danish kroner. This whitepaper describes how you can minimise waiting time by having your IT provider comply with your service agreements.

 

Download the free Whitepaper from CapaSystems and read more...

Thank you for signing up. You will receive a link to our free Whitepaper in your inbox.

Download free Whitepaper from CapaSystems regarding performance issues and how to awoid wasting time

 

"Analyze infrastructure and use time efficiently"

 

Performance problems and long login times can easily cost businesses and organizations time that corresponds to several full-time jobs every year. It can be hard to identify the roots of the problems with traditional solutions.

End-user performance monitoring, however, provides an overview that covers the entire infra-structure – from end users to network and server applications. That provides an accurate, factual basis for correcting current problems and for nipping future problems in the bud.

 

Download the free Whitepaper from CapaSystems and read more...

Thank you for signing up. You will receive a link to our free Whitepaper in your inbox.

Download free whitepaper regarding BYOD

 

"Bring Your Own Device?"

 

Mix of personal and business applications on same IT devices makes IT departments worry.

But what about the security of your company in this universe of personal and business apps provided by a Bring Your Own Device (BYOD) culture?

 

 

 

Download the white paper from CapaSystems and read more...

Thank you for signing up. You will receive a link to our free Whitepaper in your inbox.

Download free whitepaper regardingShadow IT

 

"Cast new light on Shadow-IT"

 

It’s a challenge when employees and business units purchase technology and IT services without involving the IT department. You easily lose perspective of finances, agreements and where important information is located –and if you’re not able to name who’s responsible for support from day one, a service outage risks being interpreted as internal trouble, even though the IT department has nothing to do with it.

 

 

Download the Whitepaper from CapaSystems and read more...

Thank you for signing up. You will receive a link to our free Whitepaper in your inbox.

Download free whitepaper regarding security

 

"3 steps to secure the company against data sheft"

 

It is said that a chain is only as strong as its weakest link. Therefore, your weakest link in the IT systems will have to be properly secured. Here are our suggestions for three things that can secure your IT infrastructure.

 

 

Download the Whitepaper from CapaSystems and read more...

Thank you for signing up. You will receive a link to our free Whitepaper in your inbox.