From a single piece of software to a trolley full of laptops, we can help your school with any software installation requirements.
We can upgrade all of your systems to the latest version of Windows or ensure all of your devices are running the latest updates from Microsoft, Google, Adobe etc.
The effective management and implementation of system updates and patches across your school is essential to ensure security of your systems and compliance with Cyber Essentials.
We can help you ensure that all devices and software are not vulnerable to known security issues for which fixes are available.
Vulnerabilities are regularly discovered in all sorts of software. Once discovered, malicious individuals or groups move quickly to misuse (or ‘exploit’) vulnerabilities to attack computers and networks in organisations with these weaknesses.
To comply with Cyber Essentials or the DfE Cyber Security Standards, schools need to ensure that all software is kept up to date. All software must be:
- licensed and supported
- removed from devices when it becomes un-supported
- have automatic updates enabled where possible
- updated within 14 days of an update being released, where:
- The update fixes vulnerabilities described by the vendor as ‘critical’ or ‘high risk’
- The update addresses vulnerabilities with a CVSS v3 score of 7 or above
For optimum security and ease of implementation it is strongly recommended (but not mandatory) that all released updates be applied within 14 days.
We recommend this time period so updates can be widely tested before being implemented.
Frequently Asked Questions
What is a software vulnerability?
A software vulnerability is a weakness in a program that can be exploited by an attacker to gain unauthorized access to a system or its data.
What is patch management?
Patch management is the process of identifying, acquiring, testing, and applying patches or updates to software in order to address vulnerabilities and improve security.
Why is patch management important?
Patch management is important because it helps to reduce the risk of security breaches and data loss by keeping software up to date and secure. Patches can fix vulnerabilities that could otherwise be exploited by attackers.
What is end-of-life (EOL) software?
End-of-life software is software that is no longer supported by the vendor, meaning that no new updates or patches will be released for it. Using EOL software can leave systems vulnerable to attack, as security vulnerabilities will not be fixed.
What is end-of-support (EOS) software?
End-of-support software is software that is still supported by the vendor, but only for a limited time. Once support ends, no new updates or patches will be released for it. Using EOS software can leave systems vulnerable to attack, as security vulnerabilities will not be fixed.
Why is it important to uninstall EOL/EOS software or software that's no longer used?
It is important to uninstall EOL/EOS software or software that’s no longer used because they can create security vulnerabilities that can be exploited by attackers. By uninstalling these programs, you reduce the attack surface of your system and make it more difficult for attackers to gain unauthorised access.
What is third-party software?
Third-party software is software that is created by a vendor other than the one who created the operating system. Examples of third-party software include web browsers, media players, and productivity applications.
Why is it important to patch third-party software?
It is important to patch third-party software because attackers often target these programs as a way to gain access to systems. Third-party software can be vulnerable to attack just like other software, and patches can fix vulnerabilities and improve security.
What are some best practices for patch management?
Some best practices for patch management include:
- Regularly checking for updates and patches for all software
- Testing patches before applying them to production systems
- Applying patches as soon as possible after they are released
- Maintaining an inventory of all software installed on systems
- Uninstalling EOL/EOS software or software that’s no longer used
Can patch management be automated?
Yes, patch management can be automated using software tools that can help identify and apply patches to software. However, it is still important to test patches before applying them to production systems to ensure that they do not cause any issues.