Why it sucks to be in IT... (ScreenConnect Edition)

...and the Importance of Keeping Systems Up-to-Date

In the wake of a recent security incident with a popular and widely-used tool [by IT companies and Managed Service Providers] to remotely access computer systems, known as ScreenConnect, I feel it's time for an awareness conversation amongst the business community.

The importance of keeping computer systems [and software] up-to-date cannot be stressed enough. Whether it's handled in-house or outsourced to an external IT provider - YOU need to understand the risks to YOUR business of failing to patch, or have your systems patched. Software [and device] updates are one of single most important things you can do to help protect your business.

A vulnerability with a CVSS score of 10 was identified in ScreenConnect—this is as critical as it gets, making systems as easy to compromise as leaving the front door wide open with a neon welcome sign for cybercriminals.

For those businesses using these tools, or relying on Managed Service Providers (MSPs) to keep their IT infrastructure ticking over (who usually manage a vast fleet of computer systems—often spanning hundreds, if not thousands, of systems)—this news should be a sharp wake-up call.

These tools can the linchpins of business operations, allowing [MSPs] to manage and troubleshoot systems remotely. Yet, they also represent a central point of potential failure if not properly secured.

A CVSS score of 10 indicates a vulnerability that allows attackers to easily exploit systems, potentially gaining unfettered access. It's a stark reminder of the precarious nature of IT security and the domino effect a single weak link can have across the vast networks depended upon.

Let's be clear: The responsibility to ensure these systems are patched and secured [whether in-house or by a third-party] swiftly falls squarely your shoulders.

If you outsource this task, and by doing so, think this is no longer your responsibility, or think you don't need to police your IT providers (and get regular updates and reports from them), you're heading for a bad day; which could result in the loss of your business.

It's also important to have the conversation with anyone who has remote access to your systems, how they protect their own systems?

Complacency or delay in addressing vulnerabilities (such as the ScreenConnect incident), even for just 24 hours, can have catastrophic consequences for businesses large and small. It's not merely a matter of inconvenience; it's about protecting livelihoods, customer data, and reputations.

As business owners, it's crucial to understand the stakes and ensure IT partners are as vigilant and responsive as you expect them to be. This recent incident is a clarion call to all businesses: Ensure your IT provider isn't just reactive but proactive. Ask questions, demand transparency, and make sure they understand the gravity of keeping your systems secure.

Whilst I'm on a roll with this rant, the resources and tools required to adequately protect systems cost money, whether it's to employ people, train people, or pay for licenses; which pay companies and developers to keep these tools updated and relevant. Those costs are without taking into account bringing computer systems up-to-date.

Many times I've spoken with companies who don't appreciate, or understand, the intricacies and costs involved with securing their business; much of which is carried out behind the scenes. I get it, if you can't see it, what are you getting?

It's not just non-IT businesses that are at fault either, IT companies and MSPs cause issues too. I went to a business a couple of weeks, quoting to look after their systems (I'm not sure whether they were "unhappy" with their current IT providers, or if they thought they were "okay").

Either way, my quote was way over the top as the current IT provider (who the business remained with) was charging less per user/month for IT support than it would have cost me in license fees. ˉ\_(ツ)_/ˉ

Back to the ScreenConnect incident, I was up myself patching systems at 3am this morning when the patch was announced. Failure to do this would not have only put my business at risk, but those of my clients too. If you're still running an unpatched on-premise ScreenConnect instance at the time of this post, do better!

Cybersecurity is a team sport, resilience against cyber threats is only as strong as the weakest link.

#CyberSecurity #BusinessResilience #ITInfrastructure #ScreenConnectUpdate #WhyItSucksToBeInIT #CyberSecurity