Cybersecurity and ComplianceComputer researchers have recently found out that the main chip in most modern computers—the CPU—has a hardware bug. It's really a design flaw in the hardware that has been there for years. This is a big deal because it affects almost every computer worldwide, including all workstations and servers.
This hardware bug allows malicious programs to steal data that is being processed in your computer memory. Normally, applications are not able to do that because they are isolated from each other and the operating system.
This hardware bug breaks that isolation.
So, if the bad guys are able to get malicious software running on your computer, they can get access to your passwords stored in a password manager or browser, your emails, instant messages and even business-critical documents. Not good.
What is Centre doing about this and what can you do right now to be prepared?
For our Managed and Hosted Services customers, we have already begun the process of updating and patching all PCs and servers that we manage. This is going to take some time, as patches for some devices are not even available yet. We also may recommend that you replace some older mission-critical computers to fix this as there are no patches for these older systems and none are planned. For some of these legacy systems, this may be your only alternative.
We are also in touch with Department of Homeland Security (DHS) and the FBI InfraGard Teams for the latest threat intelligence on possible exploits to these flaws.
Centre recently rolled out a new more aggressive patching schedule for workstations and has implemented an enhanced patching cadence for servers. At this time, we do not feel it is necessary to deviate from our existing patch schedule unless our manufacturer partners recommend so doing due to the threat level. We expect to have all workstation patches deployed by 1/12/18 and servers will be patched in your next scheduled maintenance window.
What can you do now?
Be extra vigilant, with security top of mind and “Think Before You Click” as Phishing through email is still the most common vector for malware to compromise your systems.
Best Practices
-
Don't CLICK it
-
Don't OPEN it
-
Don't ALLOW ACCESS
-
Maintain a strong password policy
-
Keep business networks secure
-
Anti-Virus installed on all machines
-
Anti-Spam solution implemented and utilized
-
Maintain regular backups
-
Save key data to shares or offline backups, not locally
-
Update/Patch your Operating Systems regularly (This includes all devices, computers, servers, network equipment, phones, medical devices, etc.)
Centre Technologies offers an enhanced security suite of products and services in order to better protect both you and your business data against the threat of cyber-attacks. Please contact your Account Executive if you are interested in further discussions.
About the Author
Organizations entrust Centre with protecting their technology ecosystem and strengthening their security posture. Centre’s cybersecurity and compliance solutions delivers layered IT security to protect businesses’ employees, customers, and content from known and unknown threats. Through employee awareness training, detailed security assessments, and 24x7 threat containment, Centre is a trusted partner for businesses seeking comprehensive network and data protection. Learn more about Cybersecurity and Compliance »
