For the want of a patch, the data was lost

For the want of a patch, the data was lost

Nursery rhymes make it clear — Forgetting a nail or a patch can lead to huge consequences. This applies to ancient battles, it applies to the recent data leak at Equifax — and it applies to the individual device user.

Richard Smith, the former CEO of Equifax, attributed the leak of his company’s data on 143 million individuals on two “want of a nail” issues when he spoke to the US Congress:

  • One of their anonymous “information technology personnel” forgot to do the required patch.
  • The Equifax scanning system did not spot the deadly Apache Struts vulnerability.

Equifax has a cybersecurity budget of millions and a staff of over 200, I am skeptical of Smith’s claim that a single individual’s screwup was all it took. After all, the Equifax business model is based on the collection and resale of private data.

Go ahead, make that patch

But, give Smith credit on two critical points he mentioned to Congress:

  1. Missing a patch or ignoring an update request can have major consequences.
  2. Each individual action (or lack thereof) can also have major consequences.

Most people are not system administrators for major corporations, deciding on the update schedules of thousands of network computers. Their responsibilities – at least when it comes to device security – come down to the computer sitting in front of them and the phone in their hand. But whether you are a system admin at a company or just a basic device user, Mr. Smith’s warning points still apply.


Related article

https://blog.avira.com/equifax-leaks-business-model/


For the individual, there are three must-have device essentials – an effective antivirus overlooking everything coming into the device, an adblocker for those intrusive-to-malicious ads, and an updater to ensure that all device apps are up to date and patched against the latest vulnerabilities.

Cover these bases and you will reduce the chances of falling prey to the latest trick on the internet. Get an app to do this for you, and you are covered without really having to worry about the details. It’s your security – nail it.

For Want of a Nail

For want of a nail the shoe was lost.
For want of a shoe the horse was lost.
For want of a horse the rider was lost.
For want of a rider the message was lost.
For want of a message the battle was lost.
For want of a battle the kingdom was lost.
And all for the want of a horseshoe nail.
Source: Wikipedia

 

As a PR Consultant and journalist, Frink has covered IT security issues for a number of security software firms, as well as provided reviews and insight on the beer and automotive industries (but usually not at the same time). Otherwise, he’s known for making a great bowl of popcorn and extraordinary messes in a kitchen.