
Update Business Software
Ensure you have the latest protection for your business, employees and customers.
Protect Your Business by Updating Your Software
Using out-of-date software creates a major risk for your business. Criminals exploit software vulnerabilities to steal business, employee and/or customer data. Software developers create patches for these weak points as soon as they can. Many software updates are created to patch security vulnerabilities.
However, if you don’t install these updates, they can’t protect you! Learn the risks and the simple actions you can take to protect your business.
Three Steps to Protect Your Critical Assets and Applications
The best defense against online attackers is to keep your software up to date and replace any hardware or software that is “end of life,” or no longer supported.
1. Leverage automatic updates for all operating systems and third-party software.
Establish ongoing network security/patching procedures to prevent attacks. Enable automatic updates whenever possible and be sure to obtain, test and deploy the latest versions of operating systems and applications. Talk to your IT staff about their processes for monitoring and updates.
2. Replace unsupported operating systems, applications and hardware.
Supported hardware and software allow you to receive updates and patches for vulnerabilities. These are not available for unsupported or unauthorized assets. Make an inventory of authorized hardware and software throughout your organization and update it periodically. During the inventory, identify and remove any unauthorized hardware or software.
3. Educate your employees.
Explain to your employees, especially those working remotely, why software updates are important, and why they must not be delayed. Encourage employees to set up automatic updates on their own devices and software. Have employees contact IT support for approval when they want to install software or apps on company devices.
Other Ways to Protect Your Business
Online criminals are always looking for easy targets. Businesses that don’t take basic precautions are at risk. Take the following steps to make it harder for malicious actors to access your data or trick an employee into allowing access to your systems.

Secure Your Business
Protect your business, your employees and your customers with easy and effective safety habits and policies.

Teach Employees to Avoid Phishing
Harmful links or attachments could provide unauthorized access to information or infect your network with malicious code. This can result in data being held for ransom.

Require Strong Passwords
This is one of the easiest ways to protect your business from criminals who might otherwise access your accounts by guessing or automating hacking programs.

Require Multifactor Authentication
Using more than a password to access an account—such as a texted code, authenticator app, fingerprint or access card—makes an account safer than a password alone!
Related Content

October is Cybersecurity Awareness Month
Learn how to get involved and become a Cybersecurity Awareness Month partner!

Understanding Patches and Software Updates
Best practices for updates and how to find out what patches you need to install.

Weak Security Controls and Practices Routinely Exploited for Initial Access
Share this with your IT provider/staff and encourage best practices to protect your systems.

Phishing-Resistant Multifactor Authentication Is Key to Peace of Mind
Require employees to use MFA and take it to the next level with FIDO security keys.

Small and Medium Businesses
Ready for more?
CISA offers free information and tools to help small businesses protect their people, customers, intellectual property and other sensitive data.