Chip security: a lesson in management

Up until recently, the term spectre would probably have been associated more with James Bond than computers. In Bond films, supervillains plot to destroy the world through various spectacular means whereas the recent spectre alert is a vulnerability discovered on computer chips that could have had a devastating impact on the world.

Here are three lessons to take away from it.

1. Update your software immediately as a new patch is released

Many jobs in IT can be scheduled in when they are convenient. Software updates, however, arguably now come under the category of “urgent, apply immediately”, even if they’re not actually specifically labelled “security updates”.

The fact is that, these days, most people and certainly most organisations store much of their key data in digital format. Having that data lost, stolen, damaged or ransomed would almost certainly cause huge inconvenience at best and catastrophic loss at worst.

Updating your software includes using an up-to-date operating system. While it’s understandable that people might want to wait a few months before moving to a new release (just to make sure it’s stable), there is absolutely no excuse for sticking with antiquated systems such as Windows XP, in fact it is pretty much an open door to cyber criminals (as the WannaCry virus so clearly demonstrated).

2. Accept the fact that technology may go through a period of slowdown

In the early days of Intel, Gordon Moore made the observation that the number of transistors in a dense integrated circuit doubled approximately every two years. This became known as Moore’s law and it held true for decades but, even before the recent security scare, the rate at which transistors were being crammed onto chips was starting to slow as environmental sustainability and the growth of mobile devices both demanded an increased focus on efficiency, particularly power consumption.

Put this together with the recent security scare and it’s highly likely that manufacturers will take some time out to look at how processors work, possibly even rebuilding them from the ground up to lay solid foundations for future development.

3. Assume you will need the help of an IT managed service provider

At one time, companies often aimed to have all IT support provided by in-house staff and even today, businesses – particularly larger ones – may well have in-house staff dedicated to IT functions. There is nothing wrong with this as such, in fact, it can be very useful.

The fact remains, however, that the IT landscape has now become so vast and so complex that managing it effectively (and keeping systems and data safe) often requires specialist knowledge, which can be way beyond the realistic scope of the average SME.

External IT service providers dedicate their entire time to staying up to date and understanding precisely what their clients need, something that an overworked internal IT professional often cannot keep up with. It is, therefore, a must that SMEs make sure they get the professional help they need to keep themselves safe.