The risk of inactive/off-line systems if just turned on and used
In our fast-paced world with cyber warfare going on, from nation
states jockeying for the secrets of other nations with zero day
hacks, to the many criminals looking for every way to get value out
of everyone they can, software is constantly being patched to try and
keep ahead. With so many people and businesses not patching, even
old bugs are being probed all the time, and getting attacked. Using
unpatched systems is a huge risk, sometimes even if just a few weeks,
or sometimes days, out of date.
There are many reasons why a system might be unused for a while. They
aren't just sitting there for no reason, but are generally on one of
the following paths:
- Primary user on extended vacation or other extended leave.
- Pending deployment, with an active plan to do so.
- In reserve, with no active plan, other than to be available if
needed. Perhaps on an eventual path to be decommissioned.
- On the way to being decommissioned and disposed of.
If there is any intention of bringing a system into active use with
little warning, it must be kept up to date, otherwise it represents a
security risk as breachable/hackable defects are found but not
patched. These machines would need to be brought online regularly
(every week or two) and the full patch process run (not just the few
obvious ones, but the whole patch management process). This does not
mean all the systems in reserve inventory, just enough for quick
deployments (loaner or replacement); the next ones are brought up to
ready from extended off-line status as needed.
Or
Any system that has been off-line for an extended time is a huge
safety risk to us if it is just deployed, until it has been through a
few restarts, with time in between for the patch process to see what
is needed and deploy it. After the OS has gotten its patches, open the
primary apps, and go to their ‘Help’ ‘About’ menu to check for any
updates there. Browsers and email clients are a big target and the
front lines of many cyberattacks.
If a system is on the path to likely being decommissioned, but we are
just keeping it around "just in case", then pull it out of any active
monitoring systems it might be a part of, as those usually have a
licensing cost you can free up, and they usually alarm/bug someone
when a system hasn’t “called home”. Essentially, put some effort into
‘mothballing’ the device, just like the Navy does with their ships,
air forces often do with planes, or even clothes kept in the attic for
that ‘maybe some day we might need this again’.
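The paths above can be turned into a routine inventory check. The following is an added example, not part of the original article; the hostnames, field names, action strings and the 14-day limit (the upper end of "every week or two") are assumptions made for illustration.

```python
from datetime import date, timedelta

MAX_PATCH_AGE = timedelta(days=14)  # assumption: upper end of "every week or two"

# Constructed sample inventory; hosts, dates and field names are illustrative.
INVENTORY = [
    {"host": "loaner-01", "path": "ready", "last_patched": date(2024, 5, 28), "monitored": True},
    {"host": "loaner-02", "path": "ready", "last_patched": date(2024, 4, 2), "monitored": True},
    {"host": "spare-07", "path": "reserve", "last_patched": date(2023, 11, 15), "monitored": False},
    {"host": "spare-08", "path": "reserve", "last_patched": date(2024, 2, 20), "monitored": False},
    {"host": "old-12", "path": "decommission", "last_patched": date(2023, 6, 1), "monitored": True},
]

def triage(inventory, today, ready_target):
    """Map each host to the action its path in the article calls for."""
    plan = {}
    ready = [m for m in inventory if m["path"] == "ready"]
    reserve = sorted((m for m in inventory if m["path"] == "reserve"),
                     key=lambda m: m["last_patched"], reverse=True)
    # Top up the quick-deploy pool from the most recently patched reserve machines.
    promote = {m["host"] for m in reserve[:max(0, ready_target - len(ready))]}
    for m in inventory:
        stale = today - m["last_patched"] > MAX_PATCH_AGE
        if m["path"] == "decommission":
            # Kept "just in case": free the licence and stop the missed check-in alarms.
            plan[m["host"]] = "remove from monitoring" if m["monitored"] else "mothballed"
        elif m["path"] == "ready" or m["host"] in promote:
            plan[m["host"]] = "run full patch process now" if stale else "deployable"
        else:
            # Not needed at short notice: leave off-line, but gate any later use.
            plan[m["host"]] = "patch over several restarts before use" if stale else "deployable"
    return plan

if __name__ == "__main__":
    for host, action in triage(INVENTORY, date(2024, 6, 3), ready_target=3).items():
        print(f"{host:10} {action}")
```
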
There is a very active cyberwar going on, from nation states jockeying
for control to avoid bullets, through to all the criminals trying to
get at whatever they can grab. This has been accelerating at a rapid
pace, and we cannot rest on "it won't hit us" as we are all being
actively probed all the time.
To be safe or as safe as possible, it is important that you keep your
systems (both personal and business) as up to date as possible before
and when actively using them.