Skip to main content
U.S. flag

An official website of the United States government

Here’s how you know

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS
A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Free Cyber ServicesSecure by design Secure Our WorldShields UpReport A Cyber Issue

Cybersecurity & Infrastructure Security Agency logo America’s Cyber Security Defense Agency National Coordinator For Critical Infrastructure Security and ResilienceCybersecurity & Infrastructure Security Agency logo America’s Cyber Security Defense Agency National Coordinator For Critical Infrastructure Security and Resilience
CISA Logo

Search

 

America's Cyber Defense Agency
 
  • Topics
    Cybersecurity Best Practices
    Cyber Threats and Advisories
    Critical Infrastructure Security and Resilience
    Election Security
    Emergency Communications
    Industrial Control Systems
    Information and Communications Technology Supply Chain Security
    Partnerships and Collaboration
    Physical Security
    Risk Management
    How can we help?
    GovernmentEducational InstitutionsIndustryState, Local, Tribal, and TerritorialIndividuals and FamiliesSmall and Medium BusinessesFind Help LocallyFaith-Based CommunityExecutivesHigh-Risk Communities
  • Spotlight
  • Resources & Tools
    All Resources & Tools
    Services
    Programs
    Resources
    Training
    Groups
  • News & Events
    News
    Events
    Cybersecurity Alerts & Advisories
    Directives
    Request a CISA Speaker
    Congressional Testimony
    CISA Conferences
    CISA Live!
  • Careers
    Benefits & Perks
    HireVue Applicant Reasonable Accommodations Process
    Hiring
    Resume & Application Tips
    Students & Recent Graduates
    Veteran and Military Spouses
  • About
    Divisions & Offices
    Regions
    Leadership
    Doing Business with CISA
    Site Links
    CISA GitHub
    CISA Central
    Contact Us
    Subscribe
    Transparency and Accountability
    Policies & Plans

Free Cyber ServicesSecure by design Secure Our WorldShields UpReport A Cyber Issue

Breadcrumb
  1. Home
  2. Secure Our World
  3. Update Business Software
Share:
Secure Our World Hero Image

Update Business Software

Ensure you have the latest protection for your business, employees and customers.

Protect Your Business by Updating Your Software

Using out-of-date software creates a major risk for your business. Criminals exploit software vulnerabilities to steal business, employee and/or customer data. Software developers create patches for these weak points as soon as they can. Many software updates are created to patch security vulnerabilities. 

However, if you don’t install these updates, they can’t protect you! Learn the risks and the simple actions you can take to protect your business.  

Three Steps to Protect Your Critical Assets and Applications 

The best defense against online attackers is to keep your software up to date and replace any hardware or software that is “end of life,” or no longer supported.

1. Leverage automatic updates for all operating systems and third-party software.  

Establish ongoing network security/patching procedures to prevent attacks. Enable automatic updates whenever possible and be sure to obtain, test and deploy the latest versions of operating systems and applications. Talk to your IT staff about their processes for monitoring and updating software. 

2. Replace unsupported operating systems, applications and hardware. 

Supported hardware and software allow you to receive updates and patches for vulnerabilities. These are not available for unsupported or unauthorized assets. Make an inventory of authorized hardware and software throughout your organization and update it periodically. During the inventory, identify and remove any unauthorized hardware or software.

3. Educate your employees and vendors. 

Explain to your employees, especially those working remotely, why software updates are important, and why they must not be delayed. Encourage employees to set up automatic updates on their own devices and software. Have employees contact IT support for approval when they want to install software or apps on company devices. Talk to your vendors to make sure they are taking steps to secure their systems by regularly updating software. Their system could impact your system so make sure they are taking precautions.

Other Ways to Protect Your Business

Online criminals are always looking for easy targets. Businesses that don’t take basic precautions are at risk. Take the following steps to make it harder for malicious actors to access your data or trick an employee into allowing access to your systems.

decorative image of business owner

Secure Your Business

Protect your business, your employees and your customers with easy and effective safety habits and policies.

decorative figure: coworkers looking at a computer

Teach Employees to Avoid Phishing

Phishing happens when criminals trick employees into opening malicious attachments or sharing personal info. Implement training to teach employees how to identify and report suspicious activity.

decorative image of business owner

Require Strong Passwords

This is one of the easiest ways to protect your business from criminals who might otherwise access your accounts by guessing or using automated hacking programs.

decorative figure: woman at work

Require Multifactor Authentication

Use more than a password when signing into accounts—such as a texted code, authenticator app or biometrics—to make them much safer than a password alone! MFA protects accounts by requiring additional authentication to prevent access by others.

Related Content

SOW Cybersecurity Awareness Month 2024

October is Cybersecurity Awareness Month

Download the free Cybersecurity Awareness Month 2024 toolkit!

individuals working on a computer

Understanding Patches and Software Updates

Best practices for updates and how to find out what patches you need to install.

woman working on her computer

Weak Security Controls and Practices Routinely Exploited for Initial Access

Share this with your IT provider/staff and encourage best practices to protect your systems.

decorative figure: coworkers discussing work

Phishing-Resistant Multifactor Authentication Is Key to Peace of Mind

Require employees to use MFA and take it to the next level with FIDO security keys.

Colleagues gathered around a computer

Cyber Guidance for Small Businesses

Ready for more? 

Get an action plan for your leadership team to implement—before a hacker attempts to steal your info or compromise accounts.

Cyber Guidance for Small Businesses

Return to Secure Our World

Return to top
  • Topics
  • Spotlight
  • Resources & Tools
  • News & Events
  • Careers
  • About
Cybersecurity & Infrastructure Security Agency
  • Facebook
  • X
  • LinkedIn
  • YouTube
  • Instagram
  • RSS
CISA Central 1-844-Say-CISA SayCISA@cisa.dhs.gov
DHS Seal
CISA.gov
An official website of the U.S. Department of Homeland Security
  • About CISA
  • Budget and Performance
  • DHS.gov
  • FOIA Requests
  • No FEAR Act
  • Office of Inspector General
  • Privacy Policy
  • Subscribe
  • The White House
  • USA.gov
  • Website Feedback