Who can you trust in 2021 to ensure a safe computing environment?

The computer/network security industry is constantly preaching that the best way for businesses and computer users to avoid falling victim to malware attacks is to “ensure that the latest security patches are applied” to their network and computing environment.  With the latest revelation that a severe security breach, discovered in Dec 2020, infected a majority of Fortune 500 companies and most US Government agencies, as a result of a Solarwinds Orion platform update, many would question who can be trusted? 

Solarwinds is referred to as a “supply chain” vendor for companies utilizing their software in their computing environment.  Their Orion software provided an inventory and management function for large organizations that utilize large computing networks with vast numbers of PC’s. 

Software vendors are always coming out with upgrades to their software.  These upgrades are created to provide enhancements and improvements to the functionality of their software, but many times to fix known security vulnerabilities that have been discovered on their existing software.  Patching is a vital requirement for all companies, as a majority of them rely on computing and network presence for their everyday business practices, and their networks have to be protected from security threats that are constantly surfacing.
​
Companies have to ensure they have trusted and competent security staff to carry out and enforce security practices that are in place.  Using Solarwinds as an example, lax security practices can have dire consequences, put adverse conditions on a business, and possibly put the company’s survival in jeopardy.