Keep software current to reduce cybersecurity risk

If you're a smaller government without your own full-time information technology staff, you might find it challenging to stay on top of IT-related maintenance. Larger entities have entire departments dedicated to maintaining computer infrastructure, while you may be working with a part-time contractor or even volunteers to meet your IT needs. And that's okay, but remember: having the latest security software, web browser and operating system on your devices is an important defense against cyberattacks.

Updates are important

Updates are imperative, especially when they are security-related. But they can be important for other reasons, too. For example, an update can improve performance or fix a bug affecting software performance. Installing updates that contain critical patches helps protect your government from security vulnerabilities, and they keep your system and data safe from hackers.

Update in a timely fashion

You'll want to check for available updates regularly, evaluate each one, and then prioritize when you should implement them across your government. This practice ensures that you install the most necessary and urgent updates first. Not every update is necessary and some could be skipped altogether. Evaluating the need for updates may be difficult for smaller governments without a dedicated IT staff, so we recommend that you at least understand the reason for the update before choosing to install it.

If you are a very small government and each computer user manages their own updates, then it's important each individual user regularly checks for and installs updates. Even in this situation, we recommend someone understands the purpose of updates before installing them.

Check your operating system

Operating systems for computers and other equipment can become outdated and unsupported, which means you will no longer receive security patches. To check if the version of your operating system is still supported, search the company's website or reach out to its tech support. There can be a cost to upgrade, but it could be free. You might recall Windows 7 support ended in 2020, and users were encouraged to download a free update to Windows 10.

Retire unsupported programs

When developers no longer support the software you're using, it's a good time to replace it with something new or uninstall it if you no longer need it. If you must stay on unsupported software, be sure to evaluate the risks and document the potential vulnerabilities you identified and the compensating controls you put in place to mitigate those risks.

Contact us

Have questions about keeping your software current to minimize cybersecurity risks? Submit your questions to our IT Audit technicians using the HelpDesk in the client portal.