Over the years, Microsoft has developed quite a reputation surrounding its Windows updates. It seems like every week there’s something new popping up and saying “Update me now, please!”
When it’s not Windows itself or other core Microsoft 365 apps, it’s some other software tool you rely on to get work done.
If your business isn’t using endpoint management (more on that later), then it’s up to every single PC user in your organization to make sure their machine is up to date. And, unfortunately, Microsoft makes it easy enough for them to cheat, thanks to that “later” button that’s always popping up. (Admit it; you’ve probably used it, too. So have we, and we do this for a living!)
Thankfully in recent years and releases, Microsoft has slowed the pace of its security updates and made many of them happen behind the scenes, without any user action needed.
But you still could be in danger from un-updated devices — even if everyone on your team thinks they’re following the rules.
Here’s why outdated software and OS versions can be so dangerous, and what you can do to address the situation.
The Danger of Failing to Update Your Devices
When the average PC user thinks of Windows updates, they think of the obvious, flashy stuff: new features and capabilities, or fixing existing features that aren’t working right. So if everything already seems to be working, they might assume those updates don’t matter much to them.
Some might even remember a time where they accepted a system update that trashed their entire computer! This doesn’t happen much anymore, but a bad experience years ago can leave your average employee understandably skittish.
The problem with skipping or delaying updates isn’t losing out on the visible changes. It’s all the invisible ones you have to worry about. There’s plenty of research showing that the more out of date your software and OS, the greater your chance of a data breach or other compromise.
Every Windows security update patches a whole host of recently discovered vulnerabilities, or methods that criminals could use to compromise your systems. And once a security update is released, so is the news of a particular vulnerability. Now all the bad guys know about an exploit. Worse, they know there are hundreds of thousands of Windows PCs out there that haven’t secured the vulnerability yet.
Automatic Updates Take Time
What about your most conscientious employees, the ones who never click “later” and always try to stay up to date?
If they’re on the go, they could still be in danger.
The latest Windows security updates include fine print saying that they can take as long as six hours to download and install. This happens in the background while people keep working, so it isn’t disruptive when it works.
But mobile users closing their laptops regularly or working off of battery power might not be allowing their machines to update.
The fix here is keeping machines turned on and plugged in overnight, at least from time to time. (Lock screens, though, to keep data safe.)
The Best Solution: Endpoint Protection and Endpoint Management
We’ve given you some reasoning for why updating matters and some tips for making it happen. But you still can’t stop your employees from just snoozing those updates to the end of time . . . but we can.
Best practices for device security include setting up endpoint management and endpoint protection. These relatively simple technologies allow businesses to control, to whatever degree they choose, what happens on company devices. Your IT department (or your IT service provider) then manages when devices receive security updates. We can even prevent users from snoozing more than a certain number of times.
Setting up endpoint protection isn’t difficult, but it goes beyond basic office computer skills. An IT services provider like us can help you with all of your IT needs, including reining in chaotic device management and setting up safer and more secure endpoint protection.
Can we help you with your business’s IT security needs? Reach us today to get started.