Learning the Hard Way: Proactive Desktop Management or Disaster Recovery?


Despite the increasing sophistication of end users in detecting potentially harmful email links and attachments, cybersecurity experts still say the weakest link in any organization’s network is human carelessness. A single employee who inadvertently permits a hacker to gain system access can undermine millions in IT investment in cybersecurity, not to mention the costs associated with the exposure of vulnerable data. Simply put, desktop security is necessary to prevent theft of proprietary data, funds, or both.

Culture of Resistance

In many companies, there is a cultural resistance to aggressive and time-consuming security practices foisted on an overtasked workforce. Updates can take a long time, depending on how many are pending, and people would rather force a shutdown so they can bring their laptop home or onto the next flight out of town than sit and wait as each item is updated. Other users may have had a negative past experience with an update that wasn’t beta tested and that lost some functionality, removed a feature, or made it harder to find. Whatever is driving that inertia at the desktop, the result on a corporate scale can be tomorrow’s headlines about a serious breach impacting the business. Notable breaches that have recently impacted US consumers include JPMorgan Chase, Citibank, Home Depot, eBay, and, yes, even the aptly named Target. While the SMB market may be less newsworthy, it is by no means less prone to attacks.

Minimize User Involvement

Sometimes device protection means protecting end users from themselves. Thankfully, patch management is one of the easiest processes to automate, ensuring that each user device is protected without the individual having to launch a program that interrupts their use of that device.

Brian Nunziato, ABS’s Manager of Information Technology and Data Analytics, has dealt with some recent disaster recovery (DR) at the desktop with a client that has been hesitant to adopt an aggressive policy on patches and updates.

“Companywide, they’re still getting reports of slow device performance on a full scan which calls into question potential hardware deficiencies if the updates are really bogging down machines to that extent. Right now the goal is to keep working on bringing their desktop environment current. So far there have been significantly more desktops and laptops out of compliance than initially anticipated, some with upwards of 150 to 200 items pending, but they’ve been patching like gangbusters. Patience and tenacity have paid off with an improved compliance rate and a successful deployment as well as coordination with IT Managers as they request new machines be added to the queue of supported assets.”

Have they been subject to cyberattacks in the interim?

“The client had a machine that was exposed [out of compliance] that had picked up a virus specifically targeting Windows devices that hadn’t installed the latest security patches. Luckily, the anti-virus program contained the virus so effectively that the end user, who happened to be an IT Manager, didn’t even notice it was there, but it was promptly removed.”

Containing a virus before it spreads is preferable to a flood of contacts at the service desk, but a well-executed, proactive desktop management solution prevents that targeted device from being infected in the first place. If that ounce of prevention can only be addressed in hindsight, the next best thing is for the service desk to respond promptly to support tickets, escalating where necessary to third-party AV vendors such as Bitdefender to update their definitions, remove the exploit virus, and eventually push the change to the desktop.

Going through this exercise with clients who hesitate to commit to any regular patch schedule or accept updates at the desktop not only emphasizes the necessity of doing so but also reinforces the reactive procedures for containment. The good news is that each unique cyberattack compels new countermeasures in the next software patch and, occasionally, procedural shifts in the proactive desktop management and security knowledge base. With each new challenge, the IT services provider implementing such measures at the desktop will be far more prepared, will better anticipate client expectations, and will build a more persuasive and compelling case about the pitfalls of inaction. Learning the hard way is not the best way to prepare for a security breach, but it may be the most convincing, not to mention memorable, argument for proactive desktop management going forward.