Why Is It Important to Keep Software Up to Date?
Because if your software is vulnerable, so is your data. Here’s why.
We all download software in our daily lives, and at times it ends up accumulating and becoming unused. To minimize security risks, the best practice is to have only the software you actually use on your machine at any time. With those choice applications, the next step is keeping them updated. Consider the following when installing and maintaining software on your devices.
Before installing new software, consider the questions below:
- Did you need to give the application rights to information on your cell phone or laptop? Have you (or your kids) ever installed an application on your phone that then requests access to your camera, location, browser history, or, worse, your address book?
- Have you ever stopped and read the licensing agreement? The sample below is from a popular social media site:
If you opt to import your address book, we receive your contacts (including contact information your service provider(s) or app automatically added to your address book when you communicated with addresses or numbers not already in your list).
If you sync your contacts or calendars with our services, we will collect your address book and calendar meeting information to keep growing your network by suggesting connections for you and others and by providing information about events, e.g., times, places, attendees, and contacts.
- Are you wary of cookies (the website variety, in any case), or at least do you understand what you have agreed to when you accept them? Not all cookies are the same. It's a good idea to decline third-party cookies. If you don't decline, the website could sell your browsing data to third parties, leaving you potentially vulnerable.
You have the software installed. Why is it important to keep it up to date?
Security is the No. 1 reason to update software immediately. Threat actors love to exploit software applications that have vulnerabilities users have not patched because these vulnerabilities can be employed as open doors. Why bother breaking the door down when it is already open? Any time a vulnerability is fixed, the software provider releases a patch, which needs to be applied promptly. Quick action is needed because nefarious people have now been alerted to the vulnerability and will be actively looking for organizations that are still exposed to the threat.
Remember Equifax? A data breach affected more than 153 million people. It exposed customers’ personal data, including birth dates, driver’s license numbers, names, and Social Security numbers, as well as around 200,000 credit card numbers. The breach was caused by a third-party software vulnerability that had a patch, but that patch had not been applied to the software on Equifax’s servers.
Reducing the software vulnerability on your computer protects the data you have access to. You need to understand your role in updating the software as follows:
- For your or your family’s computers—you own it.
- For corporate devices—that depends. If it is an enterprise application, it is most likely that your IT organization will be pushing the patches out to your machine. If there is an application you installed on your computer that is not supported by IT, you are most likely responsible for getting updates from the vendor on its security patches and installing them.
There are many important reasons to update software, but the most notable reason is to ensure that threat actors cannot exploit known weaknesses to obtain your private information.
Learn more about Cybersecurity Awareness Month with NETSCOUT.