Logo

Updates - a cause for unease?

25% of UK employees have previously had a dispute with IT staff about the importance or frequency of updating their work devices. Surprisingly, UK IT teams tend to agree with such demands and let two-thirds (75%) of staff skip installing updates on certain software or OS at all. This was revealed in a study commissioned by Kaspersky to explore workers’ attitudes and habits toward updates.

Updates not only bring new functionality and fix bugs, but also address security vulnerabilities. And once a security update is released, malefactors know about these issues. That is why patch management is essential for corporate security. However, some staff members are reluctant to update their work devices, meaning that there are vulnerable computers, laptops and smartphones in the corporate network.

Worryingly, these disagreements bring about the desired results for employees. Respondents who argued with IT about updates were asked two questions – whether they were allowed to skip updates (75% said they were) or whether they were allowed to choose what to update (the same 72% chose this option).

Employees may request these options because they are afraid that the time spent updating may affect their productivity. More than half of UK respondents are actually distracted from work because of updates: 48% take a break from what they were doing and 7% just wait patiently at their desk. Difficulties don’t end at the installation stage, as 49% of employees agree that learning new versions of software is a waste of time that could be spent doing their job.

What do you typically do while waiting for your work device to install updates?

Overall, 49% of respondents stated that they are less concerned about updating their work devices than personal ones, suggesting that keeping work devices up to date is an insignificant consideration.

“We recommend employees regularly update their devices – it will not only keep them protected, but each update takes just a few minutes. This short downtime can be used to recharge body and mind without any harm to business processes. For example, employees can use a short, simple set of exercises from the cheat sheet created by Kaspersky. It can be sent to colleagues, so they can print it out and take a look once updates are underway,’ - comments Elena Molchanova, Head of Business Development, Kaspersky Security Awareness Trainings.

To help IT staff to encourage employees to regularly install updates, Kaspersky recommends:

•Preparing instructions or video lessons on how to use the updated software. Provide contacts for people who employees can reach out to in case of any issues

•Informing staff about the importance of timely updates and what can go wrong with their data and the company’s assets if cybercriminals exploit unpatched security issues

•Warning employees that if they put off updates for a long time, their devices can install them automatically and restart their devices when they are busy with urgent tasks

•Implementing a security awareness course that covers this topic, such as Kaspersky Automated Security Awareness Platform

•Downloading and sharing the Kaspersky cheat sheet with exercises that help with ‘tech neck’

•For critical IT or operational technology systems, it is important to always be protected regardless of delayed updates. This means systems should only perform predetermined activity. KasperskyOS supports this concept of Cyber Immunity and it can be used to build IT systems that are secure by design.


83% of respondents believe their organization is at risk, while 64% anticipate the problem escalatin...
Aqua Security has released the results of its 2021 Cloud Native Security Survey revealing the knowle...
Sophos has acquired Braintrace, further enhancing Sophos’ Adaptive Cybersecurity Ecosystem with Brai...
Tanium study finds that organisations can save money as they grapple with issues such as mass remote...
SentinelOne endpoint detection and response products are now available directly from ConnectWise.
Following cyber-attacks last year against Israel’s water utilities the authority has already made a...
Jointly developed network threat detection service helps cloud customers solve critical security cha...
Dataquest Group has signed a deal with Acronis, offering the most effective ways to store, protect a...