In this module we consider servers, storage and backups, computing environments, and the process of maintenance and patching, in the context of enterprise systems and security.
Learning Objectives
- Explain how servers, storage and backups are used to mitigate the risk of data loss
- Describe the various types of computing environments and the situations in which they are used
- Discuss the importance of maintenance and patches in reducing vulnerabilities
Servers, storage and backups
Video: Infrastructure and Servers
Server types:
- Web servers: host websites and make them accessible on the internet.
- Database servers: store and manage large amounts of data accessed by applications.
Data storage considerations:
- Durability: how long data needs to be stored reliably.
- Scalability: ability to adapt to changing data storage needs.
- Availability: how quickly data can be accessed when needed.
- Security: measures to protect data from unauthorized access or loss.
Backup strategies:
- Creating copies of data and storing them in a separate location.
- Choosing between physical storage (DAS) or cloud storage solutions.
Benefits of backups:
- Protect data from hardware failures, accidental deletion, or cyberattacks.
- Allow restoring data to a previous state if needed.
Overall, the video emphasizes the importance of planning and implementing robust data storage and backup solutions to ensure business continuity and prevent data loss.
Which of the following are examples of direct area storage (DAS)?
Solid State Drive (SSD)
Floppy disk
Do you remember a time
when you were rushing to complete a task
for a deadline and at the last minute,
something unforeseen happened which interrupted
your progress? Perhaps you were uploading
important information, and your internet
connection dropped. Do you recall working on your
computer where you saved all your confidential
or project information that you’ve been
tackling for months? Suddenly, your device gave in, leaving you frustrated and
panicked because you’re held accountable and there’s no recourse to
restore your data. Imagine the impact on an enterprise when a large
volume of data is lost. There are solutions to avoid the devastation experienced
in situations such as these. System fail-safe
protection forms part of enterprise
systems and security. In this video, you
will establish the relationship between
system fail-safe protection, and server storage and backups. Specifically, you’ll find
answers to questions such as, what computer environments will an application run on?
Are there backups? What maintenance and patching
policies are employable? Let’s begin by
discussing servers. A server is considered to have several meanings
and various roles in relation to computers. Predominantly, a
server is a piece of programming code that
provides services. This can also take the form of computers on a computer network. Additionally, it
can be defined as a computer dedicated
to running programs. There are various
types of servers, but let’s unpack the
two most common ones, web servers, and
database servers. A web server is a computer that is dedicated full-time
to hosting web pages. The internet is made up of
many computers acting as web servers connected with the appropriate
ports, and protocols. It can be a single web page of a small business running on a personal computer or a large multinational company
hosting thousands of pages. Nevertheless, it is all interconnected and
accessible to everyone. An unfavorable expression
that you may have encountered is the
server is down. This means that the computer
hosting the web pages for a company or an individual
is no longer accessible, and the service has ceased. Soon, you’ll learn some
cybersecurity best practices that will make this expression
less likely to come up. Another type of server
is a database server. A database server is a machine that is dedicated to
storing information. It is connected to a network and accessed when stored
data is required. Before continuing, let’s observe a scenario that involves
storing data for a business. Sam is considering the
storage needs for Sam Scoops, here are some important
considerations when assessing storage needs
and requirements. One is durability, good questions to ask when
assessing durability is, will it last and what is an acceptable period of
time to measure durability? Another is scalability, does it fit the data needs
of the business or does your storage solution adjust accordingly as the
business need grows? Next, availability concerns how readily available the data
is and when it is needed. Lastly, consider security, how safe is your data? Ultimately, Sam
wants to ensure that the essential data needed to
run Sam Scoops is kept safe. This means potentially
duplicating the data and storing it
in a secondary location. This process is known
as creating a backup. It is good practice to exercise
when running a business. With the scenario in mind,
let’s explore storage. When a server goes down, the server hosting your
web page is unreachable. This may be due to a
technical error like losing an Internet connection or an issue with the computer
hosting the server. Recall that memory is either
volatile or non-volatile. In the instance that a
computer no longer runs, any data stored in
volatile memory is lost. Therefore, it is vital
to create a backup and save your memory to
secondary storage regularly. Additionally, your
server may require large amounts of data to
satisfy requested tasks. RAM is a short-term solution and its storage and memory
retention are quite limited. When faced with this issue, a business can address
the problem in two ways. The first option is to
physically acquire more storage through what is known as
direct area storage or DAS. DAS involves additional
secondary storage devices that physically connect to
the machine accessing it. Some examples include, solid-state drives
or hard disk drives, along with flash drives and legacy devices like
floppy disks and DVDs. Alternatively, another option is to make use of Cloud storage. Some major Cloud
storage providers include Microsoft Azure, Amazon Web Services, and
Google Cloud Platform. Cloud computing works on the same principle as a
home database server, except it is done on
a larger scale with potentially unlimited data
restrictions available. The only limitation
is that there is a cost attached
to cloud services. Sam can back up important data regularly by either exploring the DAS route with a
physical installation or investing in a cloud
storage provider. In this video, you discovered that a server can
take many forms. You are familiar with
the Internet model that is made up of web servers. A database server, however, can act as a database
for your business. You also learned that it is good practice to keep duplicates of your information by creating backups that
run periodically. This protects your information
if anything happens to your primary data set and allows you to restore
an earlier version.
Reading: Types of servers, storage, and backups
Reading
It is fair to say that human error is always possible. Sam from Sam’s Scoops is experiencing an increase in ice cream orders for the month. As a result, backed-up administrative tasks are more than usual and take longer to complete. As Sam rushes to reduce the admin pile, an important file is accidentally deleted. Sam realizes that the file is missing a few days later and is struggling to locate it. Unfortunately, there is no backup of the past week’s administrative tasks. This requires Sam to redo the work and promptly investigate backup solutions to prevent this from happening again.
Introduction
Previously, you were introduced to servers. You explored the benefits of keeping a backup with different hardware and software to achieve this. In this reading, you’ll learn more about servers and demonstrate that different servers can perform different tasks. Keep in mind that scalability can be a strong motivator when picking a method for creating storage and backups.
Servers Revisited
In computer architecture, the server is an essential component of the client-server model. A server will provide a service for a client. Typically, one computer called the server will be reserved entirely for the execution of a given task. Then, additional computers are connected to this server, which awaits a request for a service. Much like your waiter is tasked with taking your order to the kitchen and returning with food, the server is tasked with providing a service to a client. This was highlighted previously when web servers and database servers were discussed.
Types of servers
Generally, the service the server provides determines its name. A mail server will route communication. A print server will await requests to make printouts. A file server provides a common location to store files and folders.
Recall what you learned on computer architecture where a computer’s ‘brain’ is the CPU. A computing server is a computer connected to a network that will perform some CPU-based tasks and return the results. A benefit of a computing server is that the computer will not become slow or unresponsive when making computations.
An application server can host web browsers that have embedded applications. For example, these apps can run a piece of JavaScript code or perform some valuable function for that network.
Storage
Modern businesses often keep their records in a digital format. Much like the application server, a database server will provide the service of returning stored information. Therefore, businesses should think about using dedicated database solutions if there is a large amount of data to keep. If the storage requirements are small, a Microsoft Excel sheet or dedicated accounting software suffices.
RAM, as previously mentioned, is volatile, so if the power is cut, the information will be lost. Therefore, it is crucial to save your information on a regular basis in your main memory. It is worth keeping a backup of your information. There are four considerations when making a backup.
Let’s start with durability.
Durability
Most storage decisions should meet the durability requirement. Data is durable when the information is saved from RAM into a secondary storage location.
The next consideration of a backup is scalability.
Scalability
Purchasing the hardware to act as a database server means you must have money available to acquire the machines. This involves sufficient planning because you need to know how much memory is needed. Buying too much memory is wasteful; if it’s not utilized, it is better to invest the money elsewhere. Alternatively, not buying enough hard drives might require acquiring and configuring more later. This potentially presents an additional expense of hiring a professional to perform the task.
Using the cloud to store the information is preferable in this situation because you only pay for the storage you use. So, if a business wants to expand its current cloud storage capacity, it will pay for more space. Equally, if there is an excess amount of space, it can easily let go of the extra space at no additional cost. This option is often challenging if the hardware was purchased.
Availability
Another key consideration when purchasing a backup is availability.
Cloud storage is always available. Large online storage companies keep duplicates of your data in different geographical locations. So, if an earthquake impacts the storage centers in one location such as America, your data is backed-up and available in another geographical location like Europe. This, however, is dependent on your premises having an internet connection.
If a business decides to keep a backup using cloud storage, the internet connection must be strong enough to access it. This is not a concern for direct-attached storage (DAS) because the database server is not dependent on being online. However, it does require being physically connected to the server to access the information.
The last consideration is security.
Security
Data stored on the cloud is encrypted, and by using one of the big storage companies, you benefit from the protection they guarantee for your data. Note that there are several ways that this security can be overcome. Information online does not guarantee safety, there is a chance it can get lost or corrupted due to viruses, loss of passwords, or an issue occurring with your online storage provider. Alternatively, DAS can be used to retain the data on-premises, but if a business becomes physically compromised, it is vulnerable to cyberattacks.
Conclusion
In this reading, the ideas of storage, servers, security, and backups were discussed. You explored various ways to back up data and the strengths and weaknesses of these solutions. You’ll soon learn about a strategy to create reliable backups.Go to next item
Video: Risk mitigation: Backup frequency
Summary: Data Backup Strategies for Businesses
Challenge: Sam’s Scoops lost data due to unexpected computer failure, causing delays and additional expenses.
Solution: Four-step data backup plan:
- Replication: Continuously copy data, like Word’s autosave.
- Snapshots: Regularly save data throughout the day.
- Daily Backups: Store daily backups off-site (e.g., Cloud).
- 3-2-1 Strategy: Create 3 copies on 2 formats, 1 off-site (recommended for critical data).
Benefits:
- Protects against unexpected shutdowns, hardware failures, and cyberattacks.
- Enables quick data recovery.
- Provides peace of mind and customer trust.
Considerations:
- Different data may have different backup needs (3-2-1 might be overkill for some).
- Technical challenges may arise in choosing the right approach.
Overall:
Regular data backup is crucial for businesses to protect their information and ensure smooth operations. This video provides a comprehensive guide to implementing effective backup strategies.
Data Backup Strategies for Businesses: A Comprehensive Guide
Introduction:
In today’s digital age, data is the lifeblood of any business. Protecting it from loss and ensuring quick recovery in case of disaster is crucial for continuity and success. This guide will equip you with the knowledge and strategies to implement effective data backup solutions for your business.
Step 1: Assess Your Needs:
Before diving into specific solutions, take a step back and analyze your data landscape:
- Identify critical data: Classify your data based on importance and potential impact of loss. Financial records, customer information, and operational data fall under this category.
- Estimate data volume: Determine the total amount of data you need to back up to choose the right storage solution.
- Frequency of backups: Decide how often backups should be taken, taking into account data sensitivity and change frequency. Real-time replication might be needed for critical data, while daily or weekly backups might suffice for less critical data.
- Retention policy: How long do you need to keep the backups? Legal and regulatory requirements might dictate this.
Step 2: Choose Your Backup Solutions:
Several backup solutions cater to different needs and budgets. Here are some popular options:
- Local backups: This involves storing backups on external hard drives, USB flash drives, or NAS (Network Attached Storage) devices. It’s affordable and offers quick access, but vulnerable to physical damage and theft.
- Cloud backups: Cloud storage services like Google Drive, Microsoft OneDrive, and Dropbox offer remote storage with convenient access and disaster recovery features. However, costs can increase with data volume and bandwidth usage.
- Tape backups: Tapes are a cost-effective solution for long-term archiving of large data volumes. However, retrieving data can be slower than other options.
- Hybrid backups: Combine multiple solutions, like local and cloud backups, for greater redundancy and flexibility.
Step 3: Implement the 3-2-1 Rule:
The 3-2-1 backup rule is a golden standard for data protection:
- 3 copies: Create at least three copies of your data to guard against hardware failures and accidents.
- 2 formats: Store the copies in two different formats, like hard drives and cloud storage, to avoid single points of failure.
- 1 off-site location: Keep at least one copy of the data off-site, like a remote cloud server, to protect against local disasters.
Step 4: Automate and Test:
Automation simplifies backup processes and minimizes human error. Set up scheduled backups and automatic notifications for failed backups.
Testing data recovery from backups is crucial to ensure they work as intended. Regularly conduct test restores to identify and fix any potential issues.
Additional Tips:
- Encrypt your data: Protect sensitive data with encryption at rest and in transit to prevent unauthorized access.
- Secure your backups: Implement access controls and strong passwords to prevent unauthorized access to backup storage.
- Educate your employees: Train your staff on data security practices and the importance of proper data backup procedures.
- Review and update regularly: Regularly review your backup strategy and adjust it as your business needs and data volume change.
Conclusion:
Data backups are not glamorous, but they can be the difference between business continuity and disaster. By implementing these strategies and choosing the right solutions, you can ensure your valuable data is always safe and recoverable, giving you peace of mind and protecting your business from unforeseen challenges.
Remember: This is just a starting point. Explore specific solutions and consult with IT professionals to tailor a backup strategy that meets your unique needs and budget.
True or false: Saving your data regularly on your device is sufficient and ensures its safety.
False
Correct! Data integrity has more threats than accidentally forgetting to save it. Therefore, saving your data is not sufficient for properly protecting it but rather safer when a backup solution is implemented.
When you work on any document, are you aware of how often
you press the save button? Perhaps you are quite diligent and make an effort to save your work
on your local machine regularly. Sam, the owner of Sam’s Scoops,
is still experiencing a massive demand for ice cream in the community. Business is booming, and she is so thrilled the team’s
hard work is paying off. However, this rapid progress in business
sales also presents the challenge of more administrative tasks. She diligently saves her
inventory documents often. Despite her efforts, an unexpected
problem has caused the main computer to stop working, resulting in it
being sent off for repairs. Sam’s Scoops didn’t account for
this hurdle, and stress levels are high with the pressure
of keeping up with the local demand. The repair technician confirmed after
assessing the main computer that recent data cannot be recovered but has proposed
a backup solution at an additional cost to avoid this happening again. This situation has caused time delays and additional expenses to fully
restore operations for Sam Scoops. Previously, you learned about
some basic backup solutions. This time, you’ll go deeper and discover some approaches that
would have helped Sam Scoops. In this video, you’ll learn about a concrete four step
plan that ensures the safety of your data in the event of potential issues
occurring in your day to day business. You’ll also start to identify
suitable backup solutions for specific business needs. When it comes to recovery,
you are only as good as your last backup. Sam from Sam’s Scoops is working
on a project using Microsoft Word. Sam checks the Autosave feature
when working on Word minimizing information loss due to
unexpected shutdowns. Suddenly, the battery unexpectedly quits. How much data is safely stored? Only the information written before
the last save is still there. Saving the information is a form of
defense against an unexpected program shutting down. However, if the issue is that
the laptop is lost or damaged, saving the data may not be enough. In this instance, Sam ideally should
have used an external hard drive, USB stick, or some form of online storage,
such as Cloud storage. Only then would the information relating
to the daily activities of Sam’s Scoops be safely backed up. Physically separating a backup from
the original file makes the most security sense. Consider the scenario where a computer
storing your information is physically damaged. With a backup,
the information is recoverable. Think back to a database server solution. Using a database server to keep your
company’s information ensures that the information isn’t lost if something
happens to your primary storage. The best practice is storing
backup data off site, giving you excellent protection so that you have
an alternative way of accessing it. Practicing the following four steps
protects your data from unexpected shutdowns, technological failure,
and malicious cyber activity. Let’s begin with step one replication. This concerns copying data
from one location to another. It’s like the autosave function in
Microsoft Word that keeps recoverable near realtime copies of your information. Step two is snapshots. A data snapshot is a regular
save point throughout the day. It’s good to implement a policy to
schedule automatic saving of all your business information. The third step involves daily backups. In addition to regular snapshots, it’s
beneficial to store your information in a second location that
is not on your premises. Therefore, saving to the Cloud
means that any incidents your business potentially suffers
stops at Cloud storage. Here, additional safety
checks are also carried out. The final step is what is known
as the 3-2-1 backup strategy. The 3-2-1 backup strategy is regarded
as the most effective backup route and relates to creating your backups. If the information is
particularly important, why not create three
snapshots of the data? This is exactly what
the 3-2-1 strategy is. Use two different formats, such as
locally on your computer where you create the information,
as well as on your data server. Ideally, one of these
copies is kept off site. This way, the essential information used
to run your business is always protected. It’s important to note that different data
have different levels of importance, so implementing the 3-2-1 backup
strategy may be considered excessive. However, many recent cyberattack
strategies include removing the legitimate owner’s ability to access their data
instead of deleting it altogether. You may face technical obstacles when
deciding on the appropriate backup approach. This is often daunting. The good news is that throughout
this cybersecurity learning journey, you’ll witness several implementations and strategies that you can
use in your business. It’s also worth noting that when you
deal with other people’s information, there is an element of trust. The customers of Sam Scoops trust that
the necessary due diligence is carried out to protect their data and
provide a timely service. Think of it as an unspoken service
level rule between customers and service providers. In this video, you learned that protecting
data is a significant commitment that any business owner commits to. Additionally, you unpacked backup
solutions that regularly save data, ensuring it is safe with
a quick recovery feature. These backup solutions allow you
to assess your backup needs and implement the appropriate solution. You also learned four practical steps that
protect you against unexpected device shutdowns, technological failure,
and malicious cyber activity.
Practice Quiz: Knowledge check: Servers, storage and backup
Which one of these server types can host web-based applications?
Application server
Correct! An application server can host and run dedicated applications.
Which one of the following definitions accurately defines scalability?
Scalability is having the appropriate infrastructure to grow or shrink depending on the business needs.
Correct! Sometimes the business need for computation or storage is less than other times; being able to grow or shrink depending on need is what is meant by scalability.
True or False: As a means of storage, RAM has high durability.
False
Correct! Consider using cloud storage or another device as secondary storage, because RAM has poor durability.
How many copies of the data is advisable in the four-step practical data-saving strategy?
Three
Correct! The four-step strategy recommends making three copies of your data—two copies on-premises, preferably in two different formats, and one off-site.
The 3-2-1 storage strategy involves maintaining __copies of data on __different types of media, with at least ___ copy stored off-site.
Three, two, one
Correct! The 3-2-1 storage strategy involves maintaining three copies of data on two different types of media, with at least one copy stored off-site.
Reading: Additional resources: Servers, storage and backup
Reading
In learning about servers, storage, and backups, you found that cloud computing presents a preferable backup solution because storage companies store your data in multiple geographical centers, making your data readily available, anywhere. In this reading, you’ll find some resources that detail some more specific advantages that cloud storage has over traditional storage methods:
- Linked servers: Discover how Microsoft enables you to use these for greater storage efficacy. Linking different databases enables you to employ helpful data management strategies if you are faced with large data storage needs.
- 3-2-1 backup: Find out how to use features of Azure Backup to implement a 3-2-1 backup strategy, which is a practical solution that you can implement to mitigate the loss or corruption of your data.
- Server types: You may find yourself asking how many different types of servers there are, and this link to Microsoft’s forum can answer your question. Having a holistic view of all the server types available helps you make an informed decision when weighing up server options.
After reviewing these resources, you’ll come away with a better idea of how cloud storage combines linked servers and multiple forms of replication to maximize the safety of your data.
Computing environments
Video: What are computing environments?
Summary of Computing Environments:
Key Differences:
- Personal: Designed for individual use, basic tasks like web browsing and document editing. Requires less powerful components and smaller storage capacity.
- Commercial: Used by businesses, handles higher workloads with more CPU power, RAM, and specialized hardware. More durable components and higher cost.
- Cloud: Online network dedicated to processing, storing, and running data. Businesses access servers remotely, avoiding hardware purchases and maintenance.
Similarities:
- All three share the same basic processes: input, storage, processing, and output.
- Input devices (keyboard, mouse, etc.) are common across all.
- RAM stores data for processing in all cases.
Usage Scenarios:
- Personal: Ideal for home users with basic computing needs.
- Commercial: Suitable for businesses with larger tasks and data demands.
- Cloud: Best for companies needing scalability, flexibility, and remote access.
Sam’s Situation:
- Needs to increase computing capacity to handle growing customer volume.
- Consider commercial hardware or cloud computing depending on future size and budget.
Further Learning:
- Different cloud computing models and their benefits.
- Security considerations for choosing a computing environment.
Understanding Computing Environments: Home, Work, and Beyond
The world of computers is vast and varied, catering to different needs and preferences. Whether you’re a casual home user checking emails or a professional running complex simulations, the environment in which your computer operates plays a crucial role in its performance and capabilities. Let’s dive into the fascinating world of computing environments, exploring personal, commercial, and cloud setups, and understand how each caters to specific needs.
1. Personal Computing: Your Digital Haven
Imagine your personal computer as your own digital haven, a space where you browse the web, edit documents, and unwind with a movie. Personal computing environments are designed for individual use, typically handling everyday tasks like:
- Web browsing and email
- Word processing and document editing
- Streaming movies and music
- Social media and online communication
- Basic photo editing and graphics
The hardware requirements for personal computers are generally modest, focusing on affordability and usability. You’ll find systems with:
- Single-core or dual-core processors: Sufficient for most everyday tasks.
- 4GB – 8GB RAM: Handles basic multitasking and running multiple programs.
- 250GB – 500GB storage: Adequate for storing documents, photos, and a moderate music/movie library.
- Integrated graphics card: Handles basic video playback and casual gaming.
2. Commercial Computing: Powering Businesses
Move beyond the home office, and you’ll enter the realm of commercial computing environments, where computers tackle more demanding tasks. Businesses rely on these systems for:
- Enterprise resource planning (ERP) and customer relationship management (CRM) software
- Data analysis and reporting
- Design and engineering applications
- Video editing and graphic design
- Running specialized software for specific industries (e.g., medical imaging, financial trading)
Commercial computing environments boast more robust hardware to handle complex workloads, featuring:
- Multi-core processors (4 cores or more): Provide the processing power for demanding applications.
- 8GB – 16GB RAM: Enables smooth multitasking and handling large datasets.
- 500GB – 1TB storage or more: Accommodates extensive data storage needs.
- Dedicated graphics cards: Essential for graphic-intensive tasks like video editing and 3D rendering.
3. Cloud Computing: The Virtual Frontier
Step into the future with cloud computing, where the physical hardware resides in remote data centers, accessed via the internet. This innovative approach offers several advantages:
- Scalability: Businesses can easily adjust their computing resources up or down based on their needs.
- Accessibility: Data and applications are accessible from any device with an internet connection.
- Reduced costs: No need for upfront hardware purchases and maintenance.
- Enhanced security: Cloud providers invest heavily in data security infrastructure.
Cloud computing relies on powerful server infrastructure, with users accessing:
- Virtual machines (VMs): Emulated computers with dedicated resources like CPU, RAM, and storage.
- Cloud storage: Secure and scalable online storage for data and applications.
- Cloud-based software: Applications accessed directly through the internet, eliminating the need for local installation.
Choosing the Right Environment: It’s All About Your Needs
The choice of computing environment ultimately depends on your specific needs and resources. Consider these factors:
- Budget: Personal computers are the most affordable option, while cloud computing eliminates upfront hardware costs but incurs ongoing service fees.
- Performance: Commercial computers offer the highest performance for demanding tasks, while cloud computing provides scalability and flexibility.
- Security: All three environments offer security features, but cloud providers often have more robust infrastructure.
- Technical expertise: Personal computers require basic maintenance, while cloud computing is managed by the provider.
By understanding the differences between personal, commercial, and cloud computing environments, you can make an informed decision about the setup that best suits your needs and empowers you to thrive in the digital world.
Remember:
- Personal computers are ideal for everyday tasks at home.
- Commercial computers handle complex workloads for businesses.
- Cloud computing offers scalability, accessibility, and flexibility.
- Choose the environment that best fits your needs, budget, and technical expertise.
If you’ve ever gone
shopping for computers, you’ve no doubt noticed
the wide range in prices across machines that perform
essentially the same tasks. Why would anyone pay more? Well, beneath the
similar exteriors, are components with
vast differences in power and capacity, and sometimes distinct
specialized parts entirely. Depending on the task, choosing a computer with
capable specifications is critical for achieving
solid performance. Earlier, you were introduced to the various components
that comprise a computer. Recall that this
includes RAM, a CPU, a motherboard, and various
input and output devices. Additionally, you learned about different
operating systems and how they are used to interface between the
user and the machinery. You then expanded
this knowledge to include the concepts of
servers and storage. Now that you are familiar with each of these individual topics, it’s time to combine them
and find out how they work together to make up
computing environments. In this video,
you’ll learn how to distinguish between
personal, commercial, and Cloud computing, and you’ll be able to describe the general usage scenarios that each one is
best suited for. Currently, Sam uses
computers to answer questions and fulfill
orders sent through email. She’s aware that changes
will be necessary to handle the higher volume
as they gain customers. However, Sam is not sure which direction to take
and has asked you to help define the differences
between the computers that people use at home and
those used by businesses. Let’s begin by defining and comparing personal and
commercial computers. As you may have
guessed by the names, personal computers are typically intended for
individual use while commercial computers
are more likely to be the choice of businesses
and organizations, put simply, the primary
difference between the two comes down to size
and processing power. But let’s explore why this is and what it means
in real-world use. For a typical person
using a computer at home, activities are confined
to web-surfing, editing documents,
watching videos, and running a few applications. With a few exceptions, these activities do not consume excessive
computer resources, so there is no need for
top tier components. In contrast, commercial
grade computers are expected to handle more significant
tasks that usually require more memory
and greater CPU power. Depending on the nature
of the business, there might also be a need
for graphics cards or other specialized hardware
components to perform the business need. Thus, while a single
core processor may be sufficient
for personal use, commercial computers
may require a quad-core to handle processing and
networking with other computers. The larger workloads on commercial computers might also demand more durable
motherboards, circuitry, and
casing, leading to a higher cost than for the same parts on a
personal computer. However, note that
commercial computing isn’t the only option for
companies these days. While commercial
computers, where the business norm
for many years, the rise of high-speed
Internet and online data storage have enabled another type of
computing environment. Cloud computing, this
has gained popularity as a solution due to
certain advantages when it comes to scalability
and reliability, among other benefits that
you’ll learn more about later. The main difference between
commercial computers and Cloud computing
is the location. But before you explore
what that entails, let’s take a step
back for a moment. While personal and
commercial computers have their differences as
you recently learned, the fundamental processes they go through are
ultimately the same. Both types take input, access, stored resources,
process the input, and store or return the result. However, how these ends
are achieved differs from a traditional
in-house commercial setup and Cloud computing. Let’s find out how that is. The input types are common
to all three approaches. A keyboard, mouse, touch screen, or another input device
used to take input, which is then loaded
into the RAM. With personal and
commercial computers, RAM can be stored on the
machine taking the input or the task may be sent to an in-house application server. In Cloud computing, however, this input is sent using an online network to
run on the Cloud. Consider what you
previously learned about servers and
how a computer can be dedicated to just running applications or
storing information. Cloud computing is a server
dedicated to processing, storing, or running
data and applications. The fundamental
difference between Cloud and traditional
on-premises or personal computers is
that the hardware that performs these actions does
not need to be purchased. Instead, the business requests an online network
to perform a task, the results of
which are stored or returned from an external site. There are different
climate models that are used to
make this happen, which will be covered
in detail later. In this video, you learned about the key differences
between personal, commercial, and Cloud
computing environments. You discovered that
while each approach handles input,
storage, processing, and output differently, the core components that perform these
operations are the same. You also learned how
these approaches apply to different usages. Specifically, you found
out the personal computers rarely require massive
computation and smaller, less power intensive
parts can be used and on-premises business can expand its size using servers
and more heavy, great hardware
distributing tasks on local application servers. Finally, a Cloud-based
company can utilize the industrial grade
components found with Cloud computing,
utilizing the Internet.
Reading: Traditional versus cloud computing environments
Video: Security in computing environments
Summary: Security for Business Data (On-Premises vs. Cloud)
Key Points:
- Both on-premises and cloud computing need security measures, but implementation differs.
- Goals: Prevent unauthorized access, limit movement within system, have a recovery plan.
- On-Premises:
- Data stays behind secure firewalls and company hardware.
- More control over software and security measures.
- Physical security adds another layer of protection.
- Vulnerabilities: Physical access risk, high cost of security infrastructure.
- Cloud Computing:
- Third-party provider handles data and security, potentially outsourcing responsibility.
- May have robust security infrastructure due to scale.
- Less control over security measures.
- Vulnerabilities: Data exposed through internet transfer, reliance on provider’s security.
- Common Security Measures:
- Gateways: Monitor and filter incoming traffic.
- Endpoint Management: Secure devices like desktops, mobile phones, and servers.
- Identity and Access Management (IAM): Control user access to specific resources.
- Staff Training: Educate employees on cyber threats and best practices.
Remember:
- Cloud and on-premises each have different security strengths and weaknesses.
- Choose the approach that best fits your company’s needs and resources.
- Regardless of approach, strong security measures are crucial for protecting sensitive data.
Protecting Your Digital Fortress: Security for Business Data (On-Premises vs. Cloud)
In today’s digital landscape, where businesses rely heavily on their data, ensuring its security is paramount. Whether you manage your data on-premises or entrust it to the cloud, a robust security posture is essential. This tutorial demystifies the complexities of business data security, exploring the unique challenges and solutions for both on-premises and cloud environments.
Understanding the Threat Landscape:
Before diving into specific solutions, let’s acknowledge the common foes your digital fortress faces:
- Cyberattacks: Malicious actors aim to steal, manipulate, or disrupt your data through hacking, phishing, or malware.
- Data breaches: Unauthorized access to sensitive data, often due to system vulnerabilities or human error.
- Compliance failures: Businesses must adhere to data privacy regulations, and non-compliance can lead to hefty fines and reputational damage.
Securing Your On-Premises Kingdom:
If you keep your data close to home, here are the key security pillars to consider:
- Physical Security: Fortify your hardware with secure facilities, access controls, and surveillance systems.
- Network Security: Deploy firewalls, intrusion detection systems, and antivirus software to monitor and filter incoming and outgoing traffic.
- Data Encryption: Scramble sensitive data at rest (stored) and in transit (being transferred) to make it unusable even if intercepted.
- Access Control: Implement strong authentication and authorization protocols to restrict access to specific data based on user roles and permissions.
- Backup and Recovery: Plan for inevitable disasters with regular backups and a tested recovery plan to minimize downtime and data loss.
- Employee Training: Train your staff on cybersecurity best practices like password hygiene, identifying phishing attempts, and reporting suspicious activity.
Cloud Security: Trusting the Guardian:
Moving to the cloud offers scalability and flexibility, but security considerations shift:
- Shared Responsibility Model: While the cloud provider secures the underlying infrastructure, your responsibility lies in securing your data and applications residing within their platform.
- Data Encryption: Always choose cloud providers that offer strong encryption capabilities for both data at rest and in transit.
- Identity and Access Management (IAM): Leverage the cloud provider’s IAM tools to meticulously control user access and permissions to your data and applications.
- Continuous Monitoring and Logging: Monitor your cloud environment for suspicious activity and log all access attempts for forensic analysis.
- Vulnerability Management: Regularly patch your applications and the cloud provider’s underlying infrastructure to address software vulnerabilities.
- Incident Response Plan: Prepare a comprehensive plan for responding to data breaches or cyberattacks to minimize damage and restore operations quickly.
The Choice is Yours:
Deciding between on-premises and cloud security depends on your specific needs and resources. Consider factors like:
- Data sensitivity: Highly sensitive data may require the stricter controls of an on-premises setup.
- Compliance requirements: Some regulations may dictate where and how you store your data.
- Budget: On-premises security requires upfront hardware and software investments, while cloud security involves ongoing subscription fees.
- IT expertise: On-premises security demands in-house IT expertise, while cloud providers offer managed security services.
Ultimately, the best approach combines the strengths of each model. Businesses can leverage cloud solutions for non-critical data while keeping sensitive information secure on-premises. Hybrid cloud deployments offering a blend of both environments are also gaining traction.
Remember:
- Robust security is a continuous process, not a one-time feat.
- Regularly evaluate your security posture and adapt your strategy based on evolving threats and technology advancements.
- Foster a culture of cybersecurity awareness within your organization by promoting best practices and training employees.
Building a secure digital fortress for your business data requires vigilance, planning, and the right tools. By understanding the distinct challenges of on-premises and cloud security, you can confidently choose the approach that best suits your needs and keep your valuable information safe from harm.
You were recently
introduced to the methods used by businesses for
handling digital data. Specifically the
on-premises approach that utilizes local physical
hardware and cloud computing, which uses the Internet to push those duties to
external parties. You also already know about the potential cyber
threats faced by an individual computer user and how to safeguard
against them. But what happens
when the data of an entire organization
is at stake? By the end of this video, you’ll come to understand the security issues
that concern both on-premises and cloud-based
computing environment. You’ll also leave with
a stronger grasp of the measures that are taken to improve security
within each approach. Previously, you
became familiar with the traditional methods for implementing security
on home computers. Every personal
computer being used to access this video has a firewall filtering the
incoming traffic to ensure no malicious
code is allowed in, which could cause the
computer to perform in ways contrary to the
user’s expectations. Every computer also runs
antivirus software designed to detect and remove
any malicious code that does make it through. These same principles of preventative and
responsive measures extend to commercial computing, both traditional
and cloud-based. However, the
implementation may differ due to the particular
challenges of each approach. Fundamentally, the
steps are the same. Stop unauthorized access, limit mobility within a
system once accessed, and employ a backup strategy
that will help recover from any damage done through
unauthorized access to a system. Although both
approaches to running a business target the same goal, there are some differences in how these steps are carried out. Let’s find out what those are starting with
traditional computing. Recall that traditional
computing keeps the computing infrastructure
of the company on-premises. This means the data does
not have to move across different Internet lines to
be processed and stored. This can be highly
beneficial to companies that operate under strict
regulatory requirements. The software used to
maintain this data is also behind the traditional on-premises security measures, so they offer
greater protection. If an attacker manages to gain access to a company’s
internal operations, they will have to overcome
the internal measures implemented to reduce
unauthorized access. On-premises housing also means
that security is physical. Unlike virtual protection, on-premises security must ensure
the physical well-being of the computers, being able
to access the hardware physically could
allow an attacker the opportunity to upload
some malicious code. Typically, a business will guard against this through
security guards, worker ID cards,
segregated section access, and good sturdy locks. Further measures may include security cameras and tracking
software on the computers. In contrast with
cloud computing, data protection duties are
outsourced to a third party. As such, the company will have less control over
how it is protected. You’ll later learn more about the specific breaches for lights and other dangers that this can leave data more
vulnerable to. Some might argue that the security measures
implemented by these multinational
providers would require more work to
replicate on-premises. But ultimately, the
level of security is only as helpful as the
measures implemented. Establishing good policies
and procedures is vital regardless of how large the lock guard
and your door is, it is only useful if
the building is secure. This principle is
true when applied to on-site security and
cloud-based security alike. Access to cyber infrastructure is gained through gateways. This means the first step in protecting data is monitoring traffic or incoming traffic is vetted before it
can access the system. Next and organization will consider managing the endpoints. An endpoint is any destination from a communication channel. Common organization endpoints could include mobile devices, desktop computers,
virtual machines, which can be thought of as
cloud desktops, servers, and embedded devices, or any specialized devices needed for executing the
business needs. As noted, a physical measure
for protecting a business is providing authorization
cards for employees clear to
be in a given area. How can such a policy
be enforced in the absence of physical locations
within cloud computing? That can be done with the cyber equivalent of this practice, which is known as
Identity and Access Management or IAM,
Microsoft’s Azure, a popular cloud
computing platform can provide all the
cloud-based requirements or business may need. Azure has a dedicated IAM
called Active Directory, which ensures that access
to specific documentation and services is only given
to the appropriate people. We’ll explore how this
is implemented later on. Such management methods
are crucial to protecting a business’s digital
assets because it’s not enough to only
monitor who gains access. There must also be
a means to control what changes they are
allowed to perform. Finally, one of the strongest
measures a company can employ whether on-premises
or cloud-based, is to provide technical
training for staff. Knowing what dangers a company faces is half the battle
of avoiding them. A well-trained workforce is key to organizational security. In this video, you
were made aware of some security concerns faced by on-premises and
cloud-based companies. Some of the high level
concepts you were introduced to include how to access
company resources, what movement is allowed
to a person once inside, and the various endpoints
that a hacker might attack.
Reading: Security in computing environments in depth
Practice Quiz: Knowledge check: Computing environments
Which of these computing environments is most likely to have the most hardware?
Traditional commercial computing
Correct. A commercial enterprise is more likely to need more hardware than a private individual, and cloud-based businesses will be more reliant on cloud-based services.
Which of the following are examples of endpoints? Select all that apply.
Desktops
Correct. Desktops are the end of a communication channel.
Mobile devices
Correct. Mobile devices are the end of a communication channel.
How can using segregation as a defensive measure better protect your assets?
Segregation means that even if a hacker breaches the network, the scope for damage is limited
Correct! Segregation does not make your network more unbreachable; it ensures that the surface area for causing damage is reduced if a breach occurs.
True or False: The 3-2-1 backup strategy makes your organization less prone to hacking.
False
Correct! the 3-2-1 backup is a good policy to ensure you can recover more quickly from a breach. It makes your organization more resilient against ransomware, but it does not make your system less hackable.
Which computing environment would you expect to have the highest start-up costs?
Traditional commercial computing
Correct. The traditional approach to commercial computing typically requires significant start-up capital to overcome the initial cost of acquiring the necessary hardware to run a business.
Reading: Additional resources: Computing environments
Reading
You’ve reached the end of this lesson, and you should now be familiar with the broad types of computing environments that are available and the usage scenarios that each one is most appropriate for. You’ve also become aware that while the same basic security principles of preventing unauthorized entry, limiting access, and recovering from harm can be applied to all computing environments, the means to achieve them can differ, depending on whether a traditional or cloud-based approach is used.
The following resources may help you to further explore the concepts of computing environments and how to secure them.
While this lesson has focused on the difference between traditional and cloud computing, cloud computing itself actually has different implementations. This Microsoft resource provides a summary of several types of cloud computing, along with the advantages of each one: What are public, private, and hybrid clouds?
You’ve learned about the general security measures for protecting gateways and monitoring endpoints in order to detect and deter potential attackers, but you might not be familiar with specific tools that are used to accomplish this. The following resource contains a list of security features within Windows 10 and Windows Defender that can be used and configured to protect a computer or a network: Mitigate threats by using Windows 10 security features.
Because security is only part of the picture, you should also become knowledgeable in methods for backing up data so that it can be recovered in the event of damage or storage failure. This resource details how Azure Storage creates and stores multiple copies of data across locations to ensure a strong backup plan: Azure Storage redundancy.
In this resource, you explored the types and benefits of cloud computing, features of Windows 10 for mitigating threats, and the practice of backing up data through redundancy in Azure Storage.
Using additional resources to help deepen your knowledge is a great strategy.
Maintenance and patches
Video: What is maintenance and patching?
The Importance of Software Updates: Why You Should Never Skip Them
This video highlights the crucial role of software updates in protecting your devices and data from cyberattacks. Here are the key takeaways:
Why updates are essential:
- Address vulnerabilities: Patches fix security holes that hackers can exploit.
- Improve performance and functionality: Updates often include bug fixes, performance enhancements, and new features.
- Prevent data loss: Ransomware attacks like WannaCry and Petya targeted unpatched systems, encrypting data and demanding ransom.
Types of updates:
- Patches: Small fixes for specific vulnerabilities, often deployed urgently.
- Updates: Larger releases with security fixes, improvements, and new features.
- Maintenance: The overall process of managing software updates and patches.
Common excuses for skipping updates (and why they’re wrong):
- “If it’s not broken, don’t fix it.” Updates often address hidden vulnerabilities you’re unaware of.
- “Updates take too long or disrupt my workflow.” The risk of a cyberattack outweighs the inconvenience.
- “Updates only add new features, not security fixes.” Many updates include both.
Remember: Regularly updating your devices is crucial for cybersecurity. Don’t be a victim of ransomware or other attacks simply because you skipped an update.
Additional points:
- Updates can be hot (applied without reboot) or cold (require reboot).
- Maintenance windows are dedicated times for applying updates and scanning for malware.
- Zero-day exploits target unknown vulnerabilities before patches are available.
By understanding the importance of updates and overcoming common excuses, you can keep your devices and data safe.
Why are updates necessary? This is something that
Sam from Sam’s Scoops always wondered about but
didn’t pay close attention to. Sam’s Scoops is flourishing with the sudden growth it’s
experiencing in the community. Sam knows that the envisioned expansion of the business is achievable if the company
continues this path of success. As it stands, the workload
has increased so much that more hands and additional
devices would make life easier. While working at
such a fast pace, Sam makes a common
mistake by postponing the computer updates
to a less busy day. However, so many days
have passed and they notice that the computer
software is slowing down. In addition, and unexpectedly, Sam receives a notification
a day later asking for a ransom to release the businesses
confidential information. If Sam doesn’t comply
and pay the ransom, the cybercriminals will
delete everything on the computer and begin
targeting customers. Hopefully, you’ve
never experienced a ransomware attack like this. Even if you haven’t, you should ask
yourself a question. Is your device currently up-to-date or are you
vulnerable to a cyber attack? In this video, you’re unpack what maintenance and patching are and why they are essential in reducing
vulnerabilities. Software updates take
an existing piece of code and alter it. Motivations for this include adding and improving
functionality, addressing and enhancing a
security-related element, and removing bugs that affect
how a program operates. Let’s begin by learning
what patches are. Patches are for newly
identified shortcomings or dangers in existing software. They are small pieces of
code that only modify the target area without impacting the general
function of an application. The code deployed
is never perfect. Over time incompatibilities
or issues are identified. If the issue is determined to
pose an immediate danger to a system then a patch will be issued to address the
issue immediately. Later, at a scheduled update, a more permanent solution
will be deployed. There are two
categories of patches. First, a bug fix patch
is when an issue is identified with the code and the patch temporarily covers it. The second type is
a security patch. It is when a
vulnerability that can be exploited for malicious
intent is identified. A security patches
then issued to make the software more secure. Patches can be very useful
because they either enhance existing software or make it
more robust against attack. Where does maintenance fit in? Well, patches are designed to prevent and mediate
issues with code. Maintenance is defined as all the changes made to
a code after deployment. This includes all the
patches and updates. An update contains security
and quality revisions and significant feature
additions and changes. Maintenance is done during special maintenance
windows and can include a scan for any
malware and viruses. A patch is further distinguished by how it is implemented. A hot patch is an alteration to the code that does not
require a system reboot. A cold patch requires
the system to be rebooted before the
update becomes active. Understandably, this
can disrupt operations. Regular maintenance avoids or eliminates the need
to repair an item. Patches and updates are
the processes by which software is maintained and
enhanced by companies. Some individuals, however, choose not to implement patches based on the conclusion
that if there is no issues then white
issue and update. Alternatively, a user
may be engaged in a task and the update requires
restarting the machine. They are often tempted to put
off implementing the patch. Generally, updates related
only to functionality, but it is important to
implement them because some updates include patches that have security-related
elements. By updating regularly, your device will be less
vulnerable to cyber attacks. Let’s examine the following
use cases where users were vulnerable to cyber
attacks because they put off their update
installations. In May 2017, a ransomware attack called WannaCry affected
millions of computers. This attack exploited a
shortcoming of Microsoft devices. It resulted in
encryption software being installed
on these devices. The information was held for
ransom by the attackers. WannaCry is an instance
of a zero-day exploit. This is an attack done on a detected unknown floor
in a type of software. There’s no prior
knowledge of the floor and therefore no defense
to fight against it. Microsoft urgently
released a patch to close the loop that allowed unlawful access to prevent similar
future cyber attacks. It’s important to note
that the patch close the gateway that
the cybercriminals use to enter the system. It did not lead to a decryption
of the affected software. Initially, affected
users were forced to pay the ransom or to accept the
data loss on their computers. You may have heard of
another virus called Petya that exploded the
same vulnerability. Computers affected by Petya were systems that
were vulnerable because they did not download and install
the Microsoft patch. Think twice before putting off
your update installations. In this video, you’ll learn to differentiate
between patches and maintenance and why it is essential in reducing
vulnerabilities. You now realize that an
update might relate to adding features or
performance-related pieces of code. You learned that a
patch is designed to address a shortcoming
or security risk. Remember, that an updated
may include a vital patch, paying attention to updates
is always advisable.
Reading: Types of maintenance
Reading
Introduction
The code used in modern software can be very complex. Software development is always evolving, and code written today is formed upon existing code. New software is often a new variation of code that already exists. This means that code written for one purpose is repurposed and used in a later iteration. This can lead to redundant code that potentially acts in ways other than what’s expected. As a result, bugs can creep into a software application.
So, what are bugs?
Bugs are code running in an unexpected manner that sometimes produce an unintended outcome. Additionally, security offense and defense measures constantly reveal new vulnerabilities and potential issues with software applications. To address these issues, code is continually maintained and updated.
In this reading, you’ll explore different approaches to maintenance.
Maintenance
Maintenance is the process of changing existing code. This can be done to address newly identified security risks, eliminate bugs, add a feature, or update software to meet a customer’s need. Upon the release of the software, developers ensure that the software is operating as promised by monitoring it. This also contributes to the software being competitive in the market. Software companies continue to maintain the code while it is in use.
Let’s unpack common maintenance measures.
- Corrective maintenance is designed to prolong the lifespan of your devices and reduce the need for downtime. If an application ceases to function, then it is necessary to repair it. Forced repairs often cause many problems for a business such as bringing operations to a standstill without any warning. Forced repairs are not necessarily planned for and are performed irregularly depending on a need arising. Companies are eager to avoid issues arising from their software. So, there are channels by which customers can report any issues. Ideally, a company finds and corrects an issue before it is reported. One initiative that companies make use of to avoid issues is to offer a reward for bug detection. The sum of the reward is then assessed based on the severity of the bug detected.
- Secondly, routine maintenance is like servicing your car. Performing routine or preventative maintenance involves taking hardware or software and examining it for any issues. This requires taking your device offline. In many cases, applying routine maintenance extends the life of a device. Routine maintenance is the process of managing the application so that it is always up-to-date, secure, and bug-free.
- The third maintenance measure is called predictive maintenance. It’s the practice of applying maintenance due to a signal that failure is going to happen. Signals are determined by analyzing the signature patterns of devices and predicting failure points. It includes changing your software to adapt to new changes, like a new release of an operating system or other prominent technological changes.
So, when is the right time to perform maintenance?
Maintenance tends to be disruptive to the normal operations of a system. Applying a patch or update sometimes requires functional systems to be offline. Companies like Microsoft aim to deploy maintenance measures during geographically dark hours to minimize disruptions. Then, upgrades are deployed in batches so that it is easy to roll back to a previous version if any problem occurs.
Maintenance is implemented with a near-zero-downtime policy. This means that any disruptions to services are kept to a minimum. Once services are rolled out, companies aim to maintain a service level agreement of 99.999 uptime. Basically, great measures are being taken to ensure that any maintenance is non-disruptive.
Conclusion
In this reading, you’ll explore different approaches to maintenance. You understand that maintenance is designed to prolong the lifespan of your devices and reduce the need for downtime. Maintenance is categorized into three measures relating to their intent. This includes corrective maintenance, routine maintenance, and predictive maintenance. If an application ceases to function, then it is necessary to repair it. Maintenance is managing the application to be up-to-date, secure, and bug-free. As bugs are continuously being discovered, therefore maintenance is a full-time job.
Video: Patch management: pros, cons, and challenges
Patching Pros and Cons: Keeping Software Healthy vs. Disruption
This video explores the advantages and disadvantages of applying software patches and updates.
Benefits of patching:
- Security: Patches fix vulnerabilities, reducing the risk of cyberattacks and data breaches.
- Network protection: Patching one device protects others on the network from infection.
- Bug fixes: Updates address bugs that can cause crashes, performance issues, and other problems.
- Compatibility: Patches ensure compatibility with other updated software.
- Improved performance: Updates often include performance enhancements.
Drawbacks of patching:
- Disruption: Updates can require downtime, impacting workflow.
- Unfamiliar interface: Updates may change the user interface, causing confusion.
- Unwanted features: Some updates add unwanted features or degrade performance.
- Productivity concerns: Updates can cause lag or require restarts, slowing down work.
- Interruptions: Update notifications can break concentration and lead to procrastination.
Conclusion:
While patching can cause temporary inconvenience, the security benefits, performance improvements, and network protection outweigh the drawbacks. Most users agree that keeping software updated is essential for long-term health and productivity.
Patching is a computer practice that is as old as
computers themselves. In fact, the term
patch dates back to a time when computing was
performed using punch cards. A programmer would
mark the code on stiff paper to a series
of holes or punches. Updating or changing this code entailed removing certain holes, which was done by placing
patches in their place. This practice of
identifying updates as patches remains in use today. Applying patches and updates is an essential routine
for ensuring your applications
longevity and safety. Users sometimes view update notifications
as unnecessary, and choose to ignore
pending updates. However, doing so
carry some risks. In this video, you’ll
become familiar with the primary
benefits of patches, as well as some of
the negative aspects that may deter users
from committing to them. To begin, let’s consider some of the advantages to accepting
patches and updates. When a vulnerability is
discovered in an application, the developer
responds with a patch to mitigate the
risk of infection. However, announcing the
vulnerability does mean that both good actors and bad ones become aware
of its existence. The fact that the patch exists
is a reason to apply it because the issue is now also
known to potential hackers. Patches can also prevent breaches that expose
sensitive data. A company’s reputation
becomes severely damaged when they cannot protect their
customers information. A patch helps to mitigate potential breaches when
vulnerabilities become known, and keeps the company
in high regard. Keeping devices up-to-date
helps to prevent other devices on a network
from becoming infected. If a seemingly minor device
on your network is attached, then patching it could
potentially seal a gateway through which more important
systems are impacted. Even when vulnerabilities
aren’t an issue, patches are often
developed to fix bugs, or other floors in a system that might
affect performance. To prevent system
crashes and periods of offline activity that
would halt productivity. Keep in mind that updates
aren’t limited to addressing
vulnerabilities or fixing things that are wrong. There are other reasons why you might want
to add patches. For example, they
ensure that your system stays compatible with
contemporary software, which itself is being
updated constantly. With all these benefits, why wouldn’t a user want to install all updates
that become available? Well, they are often viewed
as a disruptive procedure, and may also result in unwanted changes to an
application or workflow. Let’s observe some of the specific difficulties that
are frequently brought up. A business may need to take a critical system offline
to perform an update. This can hinder the operations of a business significantly. Some companies are
understandably hesitant. Often, necessary updates
are scheduled for appropriate times that
produce the least impact. There are also concerns
of how an update can make a familiar working
environment unfamiliar by changing the layout or removing
previously used elements. Some patches also add functionality that
is not required, and may even degrade the
performance of other features. Some users become reluctant
to accept updates due to poor experiences that change the interface in a way
that was undesirable. Finally, there are worries
about effects on productivity. For example, a system
may experience lag or require a restart to
implement the patch. This in turn slows or halts any other
activities in progress, which deters many users
from implementing a patch. The very act of installing an update can also
break the flow of concentration if a notification appears at an inconvenient time, and differing once or twice can quickly build into a habit. In this video, you were
introduced to some of the pros and cons of accepting
updates and patches. Some of the inconveniences include breaking the
flow of your work, temporarily having to
take your system offline, and potentially
changing layout or otherwise altering the flow
of a once familiar program. However, most users
would likely agree that the advantages of implementing updates outweighs
the inconveniences, namely the lowered
risk of attack, increased safety for other
devices on the network, elimination of bugs and flaws, and improved performance and productivity in the long term.