hp missing updates

Are you vulnerability to these attacks?

The Importance of Patching

Most of us know about patch Tuesday - the second Tuesday of every month is when Microsoft releases its software patches. Most IT companies either manually update client systems or have them set to run automatically. Like most software companies, we're accustomed to regular patch releases to help keep our systems protected. The issue with these types of vulnerabilities is we are captive to the software vendor to fix them, otherwise, we are left exposed to attack.

While most of the updates we receive are from software companies, our hardware often requires patching. What happens if your hardware vendor doesn't patch their hardware? Such is the case with HP, and it's a problem.

Hewlett Packard servers, workstations, and printers are ubiquitous in offices and datacenters worldwide, but as effective as they are at marketing, they're sorely lacking in the timeliness of their patches. In fact, several known vulnerabilities have gone unpatched for more than a year. That leaves these devices vulnerable to attack from hackers with antivirus software being the only hope to thwart the attack. What's worse, once the hacker gains access to your vulnerable system, they can use that device as a springboard into your entire network, and with self-elevated privileges, they can roam with administrative access.

What can you do? For starters, you can find out if any of the HP systems on your network have known vulnerabilities by checking this link - https://support.hp.com/us-en/document/ish_6664419-6664458-16/hpsbhf03806. The next best line of defense is keeping your antivirus updated across your network. Finally, you all likely know we are big advocates of blocking attacks at the firewall, and many newer firewalls give you the (paid) option of running antivirus on their devices - stopping potential attacks before they gain access to your network.

If you need assistance with any of these issues, would like to learn more about our affordable cybersecurity testing services, or our HIPAA compliance program, please feel free to reach out to us.

HIPAA Security Reminders

 

HIPAA Security Suite has developed a weekly HIPAA Security Reminder series that’s FREE for all of us who are responsible for, or engaged in, the use and protection of PHI.

Pursuant to Section 164.308(a)(5) of the HIPAA Security Rule, the Standard states: Implement a security awareness and training program for all members of its workforce (including management).

This standard is part of our Best Practices Recommendations for HIPAA Security Suite users, but it’s available for FREE to anyone who wants to comply with HIPAA using the easiest, best tools available.

Sign Up