The digital devices and software we use daily are vulnerable to security vulnerabilities. Cybercriminals can exploit these flaws to take control of a computer, mobile device or even a connected watch. Faced with these risks, publishers and manufacturers offer updates ( patches in English) to correct these flaws. If the update operation is often felt as a constraint, it is nevertheless a necessary action to protect yourself. Here are ten best practices to adopt for your updates.
Remember To Update All Your Devices And Software Without Delay
Computers, telephones, operating systems, word processing software, connected objects… We use many devices and software. It only takes one not being up to date and exposed to a security breach to open to a violation in your digital environment. To prevent cybercriminals from using these security vulnerabilities to hack into you and steal sensitive personal information, updating your devices as soon as they are available is essential.
Download Updates Only From Official Sites
Identify All Devices And Software Used
It is advisable to identify your devices, hardware and software to update them. Some Internet Service Providers (ISPs) offer an inventory application that allows you to list the devices connected to your professional or home computer network. If you acquire a new device, restore its default settings before using it by resetting it and then install the various updates offered on the sites of the manufacturer or the publishers of the installed applications.
Enable The Option To Download And Install Updates Automatically
If the software allows it, configure it so that updates download and install automatically. This feature will give you the latest version of the publisher’s solution. Also, make sure the update works by manually checking if needed.
Define The Rules For Carrying Out Updates [PRO]
To ensure your cybersecurity, defining specific rules can facilitate the update operation, especially in business. This involves, for example, specifying how to carry out an inventory of the devices and software used, knowing where and how to search for updates, how and who performs the update or even when to carry out this operation.
Schedule Updates During Periods Of Inactivity
When interrupting a personal or professional activity (watching a video, writing an email, etc.), messages indicating the availability of an update are often ignored because the update process can be experienced as a constraint. Indeed, the update can take time, ranging from a few seconds to several minutes or hours, depending on the case. Also, take advantage of periods of inactivity to carry out your updates (lunch, meeting, at night, etc.).
Beware Of Fake Updates On The Internet
While browsing the Internet, messages appearing as update alerts sometimes appear on the screen: false advertisements on websites or malicious pop-ups. Be highly vigilant, as this may be a technique to trick you into installing an alleged update that is a virus.
Ask About The Regular Release Of Editor Updates [PRO]
Using an outdated device or software increases the risk of computer attacks. If updates are no longer offered, they are more vulnerable. Also, before acquiring new hardware or software, check the regular publication of updates from the publisher or manufacturer and the end date of their availability. When a solution reaches the end of life and updates are no longer offered, identify the time and resources needed to migrate to new tools to stay protected.
Test Updates When Possible And Make Backups [PRO]
Updating a piece of equipment or software leads to unexpected consequences, such as making the solution that has just been updated incompatible with another piece of equipment or software. Updates should therefore be tested when possible. In addition, do not hesitate to make a backup of your data and your software before an update operation to go back if necessary.
Otherwise, Protect Devices That Cannot Be Updated [PRO]
In some cases, devices may not be updated for various reasons, such as age, loss of warranty or license. It is, therefore, necessary to protect this device otherwise, for example, by not connecting it to the Internet, separating it from the rest of the computer network, or disabling vulnerable services.
Document Produced With Our Members
- France Insurers
- Palo Alto Networks
Read Also: How To Reduce Human Cyber Risks?