I like to cook. I enjoy eating what I prepare, and I also enjoy feeding other people. And I know how important it is to use the freshest ingredients — not just for their taste, but for health reasons. Nobody wants to serve their guests a delicious plate of food poisoning! That’s why no matter how many ingredients are in the recipe or how complicated it is, I always make sure I’m using ingredients that haven’t passed their expiration date.
Cybersecurity is similar. To keep your users and your data safe, you have to know about your ingredients — that is, the details of your network environment. What hardware and software do you have? What versions are they? What are their end of life dates, and how close are they to passing those dates? You need all of that information in order to protect sensitive data and make smart decisions that foster growth and scalability.
Here’s the critical difference between the two, though: some food is still perfectly edible long after the date stamped on the package. IT assets? Not so much. They might still work, but once they pass their end of life date, they’re an instant hazard, and not a small one. Remember Home Depot’s security breach in 2014? Were you one of the 56 million customers notified that their payment information might have been compromised? I was. And I wasn’t thrilled about it, especially when I found out that the breach happened because Home Depot’s POS devices were running an old version of anti-virus software.
Home Depot incurred $252 million in expenses for ignoring that expiration date (or, maybe, for not knowing about it in the first place). Don’t risk a similar fate. Take steps now to increase your visibility into all your IT assets so you know when one of them is on the verge of going bad.