Bug

A Bug is an unexpected and relatively small defect, fault, flaw, or imperfection in an information system or device. These small defects or faults are generally due to human error when writing the source code or in the design of the medium that causes the system or crash or simply not work. Bugs can sometimes end up as security vulnerabilities that need to be patched through updates for the relevant software or device. 

The origin of this term is allegedly from the IBM Mainframe days in the early 1950s when a moth was found dead within the internals of the room-sized computer. This “BUG” caused the whole mainframe to malfunction, bringing the word “Bug” into our common language usage.

What Does A Bug Mean For My SMB?

SMBs need solutions in place to manage bugs.  These typically come in the form of a patch management solution to quickly install software fixes from vendors when released to the public.  Patches often address important security vulnerabilities. SMBs and MSPs need to plan ahead by creating policies that dictate how quickly to react based upon the criticality of a particular vulnerability.  For CyberHoot users, the Policy Template library contains a Vulnerability Alert Management Process (VAMP) in place. With this process in place, you have clear guidelines for when to jump and how high to jump for a given vulnerability or exposure.

Consider deploying a cloud-based patch management solution to automatically update software whenever and wherever necessary. Most Managed Service Providers leverage one of the big three Remote Monitoring and Management (RMM) solutions (Connectwise, Datto, and Kaseya) for patching their managed systems. These RMM solutions also provide monitoring, and remote access in addition to tested and validated patching services to their clients.

Standalone patch management solutions for companies not using the above-mentioned RMM solutions include ManageEngine and Automox.

SMB PROTECTIONS BEYOND PATCH MANAGEMENT

In addition to adopting a patch management system, CyberHoot recommends the following best practices to protect individuals and businesses against, and limit damages from, online cyber attacks:

• Adopt a password manager for better personal/work password hygiene
• Require two-factor authentication on any SaaS solution or critical accounts
• Require 14+ character Passwords in your Governance Policies
• Train employees to spot and avoid email-based phishing attacks
• Check that employees can spot and avoid phishing emails by testing them
• Backup data using the 3-2-1 method
• Incorporate the Principle of Least Privilege
• Perform a risk assessment every two to three years

Sources: NCSD Glossary, Historical Reference

CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like: 

• Blog
• Cybrary (Cyber Library)
• Infographics
• Newsletters
• Press Releases
• Instructional Videos (HowTo) – very helpful for our SuperUsers!

Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.