Skip links

Vulnerability Assessments & Patch Management with New Acronis SCS Cyber Protect

Acronis SCS Cyber Protect Cloud Blog Banner

Meet Acronis SCS Cyber Protect

Meet Acronis SCS Cyber Protect, our newest solution for state and local government, education, healthcare, and nonprofit customers. This one-of-a-kind endpoint protection software with backup, full-stack antimalware protection, and comprehensive management and security capabilities is now available in both on-premise and cloud versions.

Integrated Cybersecurity & Data Protection

Acronis SCS Cyber Protect’s revolutionary integration of data protection with cybersecurity allows public sector IT teams to manage all aspects of endpoint cyber protection from a single pane of glass. This integration eliminates unnecessary complexity, delivers leading protection against today’s threats, and maximizes efficiency for organizations with limited IT resources.

For the US public sector, any downtime or data loss could spell disaster, not only for individual institutions and the people they serve, but for America’s digital ecosystem as a whole. According to Verizon’s 2020 Mobile Security Index, seventy-five percent of public sector organizations say mobile devices are critical to their operations, while fifty-six have experienced a major mobile related compromise. As organizations navigate the added challenges of coronavirus-induced remote work, Acronis SCS Cyber Protect has the tailored features IT teams and employees need to stay productive and #CyberFit.

Remote Work Vulnerabilities

As the number of public sector employees working from home remains at record levels, we must remember that cybercriminals compromise remote users in a variety of ways. One of the most popular and effective tactics is exploiting vulnerabilities in software, either in the operating system itself or in installed third-party applications.

As you might expect, cybercriminals often go after widely used applications and services, making things like the Windows operating systems and popular PDF readers, office suites, browsers, packers, and viewers common targets. Of course, those are not the only targeted applications. Cybercriminals will often search for use of rare applications with severe vulnerabilities that have never been patched.

Vendors and security analyst firms alike report that the number of software vulnerabilities continues to climb every year. For instance, BeyondTrust reports that Microsoft vulnerabilities rose in 2018, with 700 discovered. While any vulnerability is a potential danger, one must be exploitable to do damage. Therefore, if a software vulnerability is deemed a high or critical risk, it requires immediate triage and remediation.

A report by Skybox Security: “2019 VULNERABILITY AND THREAT TRENDS”

Why Patching Is Important

Eliminating vulnerabilities requires software patches – updates released by the manufacturer to close security loopholes, add functionality, or improve performance. Some software vendors do this well, others do not. In either case, there is always a time gap between when a patch is released and implemented.

The Equifax data breach, one of the biggest known data thefts to date, successfully exploited a known “critical vulnerability” in the Apache Struts software. That vulnerability was originally disclosed on March 7, 2017. Despite being alerted by the Department of Homeland Security on March 8, “Equifax did not fully patch its systems … leaving its systems and data exposed. On May 13, 2017, attackers began a cyberattack on Equifax which lasted for 76 days.”

Data from Edgescan’s 2019 Vulnerability Statistics Report reflects the typical time required to close a vulnerability in the modern software industry.

It is important to note that patching is typically only done for supported software. As soon as support for an older version of an application stops, the developer is no longer obliged to close security holes.

The situation becomes even more complex when patching is not transparent or automated, since neither employees nor organizational administrators are as diligent about regular patching as they should be. That is why software developers are continuously improving and automating update procedures for their products. Microsoft, for example, has Windows Server Update Services (WSUS) for corporate environments and Windows Update for home users and home offices. These are update mechanisms for Windows-based applications. Companies like Java, Adobe, Google, and Mozilla also typically include their own update routines in the software they release.

That said, none of those embedded update routines are perfect. Microsoft can only update its own software, not third-party software. Such updates are only supported through the expensive Windows Server, which requires a lot of storage for updates and which has a management database prone to occasional corruption.

Other software developers only update their own applications and often require user interaction, which causes other issues since users tend to delay updates as long as possible to avoid an operating system restart. Alternately, some users will install updates but not restart their machines, leaving their system vulnerable in the meantime.

That is why specialized solutions, called patch management systems, exist. Unfortunately, these point solutions often lack the required functionality to meet customers’ expectations.

Fully Integrated Vulnerability Assessments & Patch Management

As a cyber protection company, Acronis SCS covers all aspects of cybersecurity and data protection to ensure seamless business continuity for our public sector customers. Vulnerability assessments and patch management are important parts of our cyber protection proposition, which centralizes your security posture in one management console and one agent, eliminating the complexity typical of security management.

Acronis SCS Cyber Protect’s vulnerability assessments and patch management functions meet all the expectations of public sector organizations while providing detailed information about devices and applications running on the network. Vulnerabilities are classified according to an internal severity scale and required updates are fetched automatically and rolled out to different groups in a variety of ways by tweaking the corresponding protection plan.

Updates, upgrades, and applications can contain packages with very large files. That means downloading and distributing them can consume network resources on the devices receiving them. To prevent slowdowns during patch rollouts for non-Windows systems and third-party applications, Acronis SCS uses peer-to-peer patch distribution technology in addition to cloud server distribution. Our delivery optimization reduces bandwidth consumption by sharing the work of downloading these packages among multiple devices in a customer’s deployment.

Unlike other solutions on the market, Acronis SCS Cyber Protect’s vulnerability assessment supports not only Windows-based networks but also Linux networks. Its patch management capability includes a set of client management tools that automate a wide range of IT administration functions, saving both time and money – particularly hot commodities for public sector organizations with limited resources. For example, our solution can patch endpoints located both inside and outside the corporate network, a capability that is frequently demanded by customers with remote and mobile users.

This patch management functionality can be used in unique safe restore scenarios from a full disk backup. Acronis SCS Cyber Protect is able to scan for and eliminate malware in those backups so administrators can restore a user’s machine from a “clean,” uncompromised disk image. More importantly, Acronis SCS Cyber Protect can automatically patch the system with the latest available updates if the administrator enables this option – thus preventing live new worm epidemics.

Our safe restore feature guarantees your organization’s endpoints stay protected by updating antimalware bases of the Acronis SCS Cyber Protect agent in this full disk backup to the latest definitions and artificial intelligence models, so you can detect malware and prevent it from attacking already patched systems.

Acronis SCS Cyber Protect Is Here to Help You

New vulnerabilities are constantly being identified, so having a proven way to patch your systems and applications is critical. With Acronis SCS Cyber Protect, your organization gains top-level vulnerability assessments and patch management functionality with our unique, close integration between exceptional cybersecurity and award-winning backup. To experience these capabilities for yourself, contact us today.