Posted By: ASK
Posted date: January 4, 2018
In: Enhanced Security Services, Security, Uncategorized
From the desk of Mike Maddox:
You have probably seen the news reports regarding microprocessor vulnerabilities and the potential for these vulnerabilities to lead to security breaches. ASK has put together the information below in an effort to keep you informed regarding this issue.
To define the issue: it was reported on Tuesday, January 2, 2018, that a security vulnerability exists in most Intel processors and some ARM chips. The vulnerabilities identified are being called “Meltdown: and “Spectre”. The processors and chips that are susceptible to these vulnerabilities are in almost every system (servers, workstations, and phones) manufactured since 2011.
How Big a Vulnerability is this?
Both vulnerabilities could potentially allow a hacker to steal data on a system. To date, there have been no reports of these vulnerabilities being used to breach systems. In order to exploit these vulnerabilities, a hacker would have to gain access to your systems via a conventional method of intrusion. Therefore ASK highly recommends our Live Security Monitoring (LSM) solution (see below) for all clients. Clients with LSM greatly mitigate the risk of conventional intrusion techniques.
What is the Tech Industry Doing about this?
Microsoft will be releasing patches for Windows the week of 1/8
Apple has announced a patch in macOS10.13.2
Cloud Providers (Amazon, Microsoft, Google) are applying patches to their Cloud Infrastructures. This will involve downtime which will be announced in the coming days.
All of the above actions are patches at the software layer. In the future, ASK expects that you will see firmware updates to the actual processors and chips affected. This will take time due to the nature of firmware updates- they need to be developed and then distributed to the various workstation, server, and phone manufacturers.
For ASK Managed Services clients, ASK will be following our normal patching process and pushing Windows patches to both servers and workstations according to your predefined schedule.
Will the Patches Cause slowdowns in your environment?
Despite what you may have heard in the news, a slowdown will not necessarily result from the software patches. Most ASK customers are running an environment with enough spare capacity to absorb the resources needed for these patches. Some clients that have gone beyond recommended thresholds for capacity could potentially see a slowdown. Intel’s statement is as follows:
“any performance impacts are workload-dependent, and, for the average computer user, (performance effects) should not be significant and will be mitigated over time.
Cloud environments (like Microsoft Azure) face a challenge in that they must patch thousands of servers in a finite data center. No information has yet been revealed regarding plans to achieve this.
Servers running the Linux operating system are a possible exception. The way that Linux works and the patch that was deployed by the Linux kernel developers could potentially impact performance.
What You Can Do
ASK has long supported a layered approach to security. No process can prevent all vulnerabilities and therefore, we believe in implementing multiple security solutions to protect your business.
The first layer is included with all ASK Managed Care solutions like ASK Total Care and Proactive Care and includes things like Anti-Virus, Anti Malware, and web protection.
The second layer is a comprehensive Backup and Recovery solution, and this is offered by ASK Backup and Rapid Recovery (ASK BRR).
In the past, the first two layers were sufficient for most companies to mitigate risk. That is no longer the case and ASK strongly recommends that clients implement live security monitoring, offered through ASK Live Security Monitoring (ASK LSM). Information is available at https://justask.net/enhanced-security-services/
If you have any questions or would like to discuss this further, please contact your ASK VCIO or Sales Person as soon as possible.
Contact us for more information about Live Security Monitoring at (517) 676-6633