fbpx
1-888-310-4540 (main) / 1-888-707-6150 (support) info@spkaa.com
Select Page

Security and Compliance – What Your Company Needs to Know Part 2: MBSA

MBSA Security
Written by SPK Blog Post
Published on September 19, 2017

You need more than just an antivirus and security suite to keep your system safe. You need multiple, non-redundant solutions covering various aspects of network security. In our last blog, we discussed the role of whitelisting in keeping your network secure. Now we’re going to discuss a tool from Microsoft, which can be downloaded free of charge so you really have nothing to lose and plenty to gain.

Microsoft Baseline Security Analyzer (MBSA) operates on Windows machines to look for basic misconfigurations and vulnerabilities in IIS, SQL, windows administration settings, and password creation. It provides a quick way to check for missing Microsoft updates on non-domain and embedded systems. These are some of the first places malicious hackers start looking for ways into your system. The program also finds where your Microsoft software needs to be patched over, preventing malware from exploiting existing and known vulnerabilities in your system through a failure to update Microsoft software. Among other things, MBSA automates searching for new software updates you haven’t installed.

The most important piece of security is regularly updating all of your applications, including the operating system. Lower-level hackers and malware producers generally target known exploits that have already been patched over. They’re looking for the machines who haven’t updated their systems and are still working on exploitable software. Updating your applications and operating system is one of the best ways to maintain the security of your system. MBSA will quickly identify any machines on your system that do not have access to regular, automatic updates, allowing you to manually update as needed. While the application is at it, it will link you to articles on the Microsoft website letting you know how you might be personally impacted by the updated.

Such robust security is absolutely critical in the world of medical devices, which have been called “the next security nightmare” by WIRED. Hacking medical devices isn’t a thing out of a science fiction thriller, but a pressing security concern in the here and now. MedJack, for example, readily available malware on the Dark Web, infiltrates a single device, then fans out across an entire network.

Remember that every point of contact on your system is an opportunity for a hacker. Once your system is hacked, all of your devices in development are vulnerable. From there, your company could have to deal with production grinding to a halt or even a massive recall like the kind that impacted over half a million pacemakers in August 2017. Securing your company’s devices begins with securing your network. Even barring security loopholes, your devices might just not run properly without regular updates on your end, once again raising the specter of a recall.

There are potential vulnerabilities in every security solution you and your security team should be aware of. If you’re not regularly updating MBSA, it might be working from old data and not providing updates other users need. This is especially true of machines that are not connected to a network or are sporadically connected to a network.

All told, however, MBSA and whitelisting will take a lot of pressure off of your engineering team, allowing them to do what you’re paying them to do with their time — create and improve your products. SPK and Associates can help you to best leverage tools to keep your system safe and your engineers on task.

To learn more about security, specifically as it applies to innovations in Smart Medical Devices, read our latest white paper, Navigating Compliance and Cyber Security Concerns in Smart Medical Device.

Latest White Papers

Costs and Benefits of Moving a .NET Application to the Cloud

Costs and Benefits of Moving a .NET Application to the Cloud

Do you know the full cost and benefits of moving your .NET application to the cloud? In this guide we’ll cover everything you need to know about your .NET cloud migration. Is this guide for you? If you’re faced with outdated legacy systems and the pressures of digital...

Related Resources

What is Observability And How Can It Optimize IT?

What is Observability And How Can It Optimize IT?

Your IT architecture is anything but simple. In fact, it’s more like the complex, yet silent spinal cord of your business functions. But what can you do when something goes wrong? Monitoring tools give you a partial view into business performance (or issues),...

Planning for Windows Server 2012/R2 End of Support

Planning for Windows Server 2012/R2 End of Support

Windows Server 2012/R2 is well integrated into business environments globally. However, as announced by Microsoft, its end of extended support is approaching in October 2023. So, if it’s not doing so already, it’s time for this change to start looming large in your...

Protecting Sensitive Data in Highly Regulated Industries

Protecting Sensitive Data in Highly Regulated Industries

How do you keep sensitive data safe in highly regulated industries? Is it better to stick with your tried and tested on-prem solution? Or, is it time to believe in the cloud’s promises of better security, scalability, and innovation? Your organization is at a critical...