How to Upgrade An Unsupported OS: An In-depth Checklist

Last week, the US Congress officially signed a bipartisan law, The Internet of Things Cybersecurity Improvement Act of 2020, or the IoT Cybersecurity Improvement Act of 2020. Sponsored by Reps. Will Hurd (R-Tex) and Robin Kelly (D-Ill), the law was made to establish that the government purchases only secure devices and closes existing vulnerabilities. The legislation mostly affects U.S. federal government applications, vendor partners, equipment manufacturers and stakeholders that deal with the federal government. However, this law has the potential to have ripple effects that extend beyond security safeguards for government entities, with those in the private industry and consumers more than likely also benefiting from new connected device standards.

Organizations that operate in the enterprise space – healthcare, insurance, banks, etc. – have unique and challenging cybersecurity compliance obligations. Enterprise data is, after all, frequently targeted.

Keeping servers safe and keeping them secure and compliant, becomes a full-time job, one that can’t be left to chance, one that must be fully automated and fully supported. To do that, you need a live patching tool that integrates with automation tools and vulnerability scanners, one that is supported with the latest patches, and one that lets you decide what patches are rolled out across your organization and one that runs inside the firewall. A live patching solution not only makes software updates easier, but it also keeps you compliant with two sections of FedRAMP requirements including flaw remediation (SI-2) and malicious code protection (SI-3) of Security and Privacy Controls for Information Systems and Organizations.

Bad actors continue targeting government organizations these days. Along with increases in targeting technology, attacks focused on government targets nearly doubled in 2019 from 2017. Most notably, this included significant jumps in both reconnaissance activity and application-specific attacks. This has been helped by an increase in internet-delivered services designed to help citizens get regional or local assistance. Unfortunately, those same internet-enabled applications have provided additional opportunities to attackers and led to large data breaches impacting federal and state agencies in the US.

Meeting System and Organization Controls (SOC) 2 compliance is more than just a simple process implemented once to pass an audit. Permanent procedural changes are tedious and time-consuming but are necessary to ensure that the organization can pass a SOC 2 audit. It’s more than simply supplying a paper trail to a CPA. You must have the right controls and tools in place to maintain compliance permanently or risk violating compliance standards. Losing SOC 2 compliance isn’t an option for most organizations, but the right tools will keep you compliant and help facilitate continual compliance in future audits.

The coronavirus pandemic is affecting companies of all sizes all over the world and significantly impact on how many service companies deliver their services. The recommendation for social distancing is driving many employers to direct their employees to work from home, which may represent a material deviation from how they perform their daily tasks. But compliance activities don’t have to be put on hold during these challenging times. Below you can read about some of the tools we use to achieve and retain compliance while being a completely remote company.

At KernelCare, we've known about SOC 2 for some time. We've had customers tell us that our Linux kernel live patching product helped them with their compliance certification efforts. Although KernelCare doesn't handle customer data, we thought we should follow the good example set by our SOC 2-certified customers and become compliant. We would get to know our customers' use-cases better, and improve as a company.

So, I'm excited, and a little nervous, to share with you the start of our own SOC 2 compliance journey. I will share more as we progress.

Our KernelCare webinars on live patching technology and applications are growing in popularity.

So, we’re happy to tell you about another. As before, this one is in partnership with a technical architect from Amazon Web Services. And we’ve invited a prominent and established KernelCare customer from the insurance sector, Efinity.