According to this Dark Reading report, we’re surrounded by systems that can’t be patched because they are vendor-managed systems, medical devices, and embedded systems that are stuck at a particular operating system version and patch level due to a variety of reasons. This article offers tips and advice on how to protect your network from the unpachable.
“So what are we as security professionals left to do when faced with these unpatchable systems? We could be jerks and force them all to be unplugged. Or we could work with the individuals who use them daily so as to not impact their productivity while protecting them and our network.
“For example, you should segment these devices from the rest of the network. If they don’t need Internet access, don’t let them have access, or if they do, force them through a highly restrictive proxy. If they don’t need to be on the network, then remove their NICs or fill the ports with epoxy.”