Meltdown and Spectre Vulnerabilities
Computer researchers have recently found out that the main chip in most modern computers—the CPU—has a hardware bug. It's really a design flaw in the hardware that has been there for years. This is a big deal because it affects almost every computer worldwide, including all workstations and servers.
This hardware bug allows malicious programs to steal data that is being processed in your computer memory. Normally, applications are not able to do that because they are isolated from each other and the operating system.
This hardware bug breaks that isolation.
So, if the bad guys are able to get malicious software running on your computer, they can get access to your passwords stored in a password manager or browser, your emails, instant messages and even business-critical documents. Not good.
What is Centre doing about this and what can you do right now to be prepared?
For our Managed and Hosted Services customers, we have already begun the process of updating and patching all PCs and servers that we manage. This is going to take some time, as patches for some devices are not even available yet. We also may recommend that you replace some older mission-critical computers to fix this as there are no patches for these older systems and none are planned. For some of these legacy systems, this may be your only alternative.
We are also in touch with Department of Homeland Security (DHS) and the FBI InfraGard Teams for the latest threat intelligence on possible exploits to these flaws.
Centre recently rolled out a new more aggressive patching schedule for workstations and has implemented an enhanced patching cadence for servers. At this time, we do not feel it is necessary to deviate from our existing patch schedule unless our manufacturer partners recommend so doing due to the threat level. We expect to have all workstation patches deployed by 1/12/18 and servers will be patched in your next scheduled maintenance window.
What can you do now?
Be extra vigilant, with security top of mind and “Think Before You Click” as Phishing through email is still the most common vector for malware to compromise your systems.
Don't CLICK it
Don't OPEN it
Don't ALLOW ACCESS
Maintain a strong password policy
Keep business networks secure
Anti-Virus installed on all machines
Anti-Spam solution implemented and utilized
Maintain regular backups
Save key data to shares or offline backups, not locally
Update/Patch your Operating Systems regularly (This includes all devices, computers, servers, network equipment, phones, medical devices, etc.)
Centre Technologies offers an enhanced security suite of products and services in order to better protect both you and your business data against the threat of cyber-attacks. Please contact your Account Executive if you are interested in further discussions.