Some of you are old enough to remember the days when pressing the wrong key on a computer led to the dreaded “blue screen of death.” (Cue dramatic music.) Back then, experts issued stern warnings about moving computers that were running, placing magnets near computers, and setting laptops on carpet. Decades ago, computers were physically vulnerable.
These days, we have a lot more leeway. 3-year-olds spill grape juice on iPads without major incident, and most of us put our phones in our back pockets and then sit on them. Modern computers aren’t that vulnerable physically, but network vulnerabilities have become a much bigger deal you need to be aware of.
TL;DR: A network vulnerability is a loophole in your hardware, software, or processes. An operating system vulnerability is a loophole in your Windows or MacOS system specifically. All of these loopholes let criminals in. Let’s close them up.
A network vulnerability is a loophole or flaw in your hardware, software, or processes that makes your network easier for a cybercriminal to break into. Network vulnerabilities can be caused by any aspect of your technology, including:
“Firmware” is software that specifically runs hardware, such as servers and routers. Firmware updates are rare, and you usually have to track them down on the manufacturer’s website. This means most organizations have lurking vulnerabilities due to outdated firmware.
Software includes operating systems and applications for laptops, smartphones, desktops, PBX phones, cloud apps, and everything else you think of when you think “tech.” All that software needs updating all the darn time, and the sheer number of required patches can make it feel like our tech is always badgering us for attention. If you miss or delay even one patch, you just created a network vulnerability.
No, we’re not saying that people are technology. That sounds like some weird, modern remake of Invasion of the Body Snatchers. (We want to see that remake!) What we’re talking about is how people often unintentionally create network vulnerabilities by using bad passwords (Pa$$w0rd1), missing patch installations, misconfiguring their networks, having too many permissions across the system, or falling prey to phishing scams.
An operating system vulnerability is a loophole or flaw in your operating system that makes it easier for cybercriminals to break in. An operating system is the main software that runs your computer or device – common examples include Windows, MacOS, Android, and Linux. (Super-attentive readers will have deduced that operating system vulnerabilities would be included as one potential form of network vulnerability.)
It’s likely you’ve heard the weird rumor that Macs are impervious to operating system vulnerabilities. Don’t believe the stories: all operating systems are vulnerable to attack. This is because all operating systems are (a) extremely popular, and (b) extremely complex. (We’ve written about complexity before in an article that is still well worth the read.)
Operating system vulnerabilities are usually caused by unpatched software, malware, and phishing attacks. Because operating system patching is so important, Microsoft has set up a way to address each new Windows operating system vulnerability with their “Patch Tuesday” updates.
While you can’t 100% protect your systems and networks, you can take steps that significantly reduce your likelihood of falling victim to an attack. As you can probably guess, the best way to do this is to set up a process that helps you regularly identify and fix existing vulnerabilities.
Setting up a process takes 4 steps:
Of course, it can be hard to figure out where you want to be if you don’t know where you are now. If you’d like to run a network vulnerability scan to get the high-level view of all the issues your network is currently dealing with (there might be thousands), the IT experts at Interplay are happy to help.
For 20+ years, the friendly and knowledgeable team at Interplay in Seattle has helped business leaders across a range of industries get more out of their tech, stress free. Not only are we always (and we mean always) happy to offer the best managed IT services, support, and advice, we’re also the team you can trust for the best cocktail recommendations here in Seattle or in Disney World – we’re versatile! All humor aside though, we’d love to help you get your IT running smoothly and securely, around the clock.