As COVID-19 (Coronavirus) continues to disrupt and create uncertainty in our daily lives and business, Alvaka Networks wants to focus on helping companies keep their employees, community, and businesses safe by educating and assisting in remote work strategies. Alvaka continually [...]
If Senator Boyle and cosponsors—Senator George M. Borrello of the 57th Senate District and Senator Sue Serino of the 41st Senate District—get their way, municipalities in New York will be banned from paying ransomware demands to get their vital public [...]
I just read an article that is full of great information on protecting your backups from a ransomware attack. The article states what I have long said, you must practice security in layers. No one tool or solution is going [...]
We have been involved in a lot of different ransomware rescues. Here is a new one, gambling casinos. Yes, it turns out some casinos are just as vulnerable as the rest of the business population. Even some of the casinos with [...]
Cyberattacks are becoming an increasing risk for SMB owners. Unfortunately, the majority think they are immune to these attacks and continue using free cybersecurity software. It’s only when it becomes too late, and when the company is already victimized by [...]
What is Ransomware? Ransomware is a tradename for potentially entity killing malware of a variety of classes. In general, the cybercriminals infect computers with malware that can spread and take over an organization’s entire computing environment, from desktops and laptops [...]
What you don't see The devastating aspect of ransomware is that the majority of firms discover that hackers have been present in their network after it’s too late. Also, many firms who fall victim to ransomware state that “no evidence [...]
Necessary cybersecurity habits such as software patching and vulnerability assessments/penetration tests should not be disregarded due to having cyber insurance. On a related note, Alvaka has recently acquired two clients who needed recovery from ransomware attacks, one client had roughly [...]
My sister sent me a link to a story about a bitcoin heist in Iceland (of all places). Yes, that little tiny island country of 330,000 people on the edge of the arctic circle in the North Atlantic. It is [...]
If you have Mailworx from Alvaka, or a similar email spam filtering solution, then good for you. If you do internal education and phishing tests of your employees, then double-good! At Alvaka Networks, we have seen a number of business [...]
Smoke testing is a term used to describe the testing process for servers after patches are applied. The process typically involves making sure servers are rebooted in the right order, making sure they have completely rebooted, restarting applications in the right order, and then testing to be certain everything is working properly when users return to work in the morning.
This typically takes 30 minutes per server, depending upon your environment.
PCs are not typically smoke tested, or if so, not all of them.
Estimating an average time for patching servers and PCs can be a bit tricky. It can vary from one month to the next, depending upon the number and complexity of the patches released by your software vendors. You must consider all versions of operating systems and have a complete inventory of all your application software to do this job correctly. Our experience has shown that manual patching of systems takes on average of about 1.5 hours each.
There are many variables to consider. Some are:
You want to enter in a fully burdened labor rate for this field. What that means is that you want to take the base hourly rate, plus 25-30% for employer payroll taxes, benefits, vacation/holiday time, etc.
For example, someone making $80,000 per year will typically work 52 weeks of 40 hours, or 2080 hours. $80,000 divided by 2080 is $38.46/hour. Multiply that hourly rate by 1.3, and you get $50.00/hour. Of course, rates of pay, taxes and benefits will vary from city, state and company; but 30% is usually a good number to use. Don’t forget to account for time-and-a-half or after-hours rates of pay if patching is being done in the late evening, early morning, or weekends (in order to avoid impacting user productivity).
This is a basic cost calculator for you to compute your typical monthly cost for patching your servers, PCs, laptops, tablets and associated application software. It also forms the basis for you to begin calculating your Return on Investment for software patching, or for comparison with alternatives to the manual process of patching operating systems and application software—such as Patch Management as a Service, also known as Vulnerability Management as a Service.
If you are presenting to management for a budget, and using this calculator as the basis for a Return on Investment (ROI), you will need to do more homework. An ROI measures as a ratio of the cost of investment against its expected benefit. For patching, calculating benefit can be very difficult to determine. How do you measure the cost of a system breach you have not yet had? You can estimate what expenses, penalties, and losses a company might incur when a breach occurs; but there is no certainty of a breach event and what those costs actually are. There are also regulatory compliance issues and/or potential fines for not patching, but those, too, can be vague. For calculating these potential risks and costs, it is advisable to enter into a discussion with your management team.