An important element in this is not to ignore messages about security updates for too long. Security updates are messages sent to your computer urging you to carry out an update. These updates help to strengthen protection against the constant attacks to which your computer and our common IT systems are subjected. If you ignore them for too long, you will become a target for IT attacks.
Therefore, we want to urge everyone to ensure that security updates are handled within a reasonable period and not to defer them for too long. To increase protection, as of 5 December a maximum limit of 14 days will be introduced for how long updates can be delayed in Lund University’s managed client solutions. If required, after 14 days any security updates will be installed on your computer – it will not be possible to interrupt this process.
A forced update is often fast but can sometimes take up to 45 minutes. Forced updates may take place at inconvenient times such as in the middle of an important meeting or during a lecture. To avoid forced updates, we recommend that you instead plan your security updates. Different options are listed below:
- Do not put off updates for too long, avoid being in a situation where you are locked out.
- Implement a routine of always restarting or turning off the computer on a Friday before the weekend. In this case, the security update will be done in connection with the restart/turn off and your computer will also feel better from having the occasional rest.
- Take a restart break – let the computer update its protection while you have a cup of tea/coffee. Security updates are usually issued on the second Thursday of the month. Select “Update and restart”.
What can happen if IT security is inadequate?
Kalix Municipality was hit by an IT breach in its servers that led to serious consequences for their organisation. It soon became clear that it concerned a ransomware attack, in which a ransom payment is demanded. Instead of paying, they turned off all the servers and started an extensive reset process. They had to resort to working in a completely analogue way until they succeeded in building up their systems again. The IT breach affected all activities within the municipality such as schools, social care and service and maintenance, and resulted in an enormous amount of extra work as well as increased costs. In today’s digital world, this is every organisation’s nightmare.