Security maintenance vs support: what’s the difference?

One of the most frequent questions we get during conversations with our customers is “What’s the difference between security maintenance and support?” The word “support” has a wide range of meanings and can be interpreted in different ways depending on where it is used.

Especially in the open source landscape, the terms “security maintenance” and “support” are often used interchangeably, even if they represent distinct aspects of protecting an organisation’s assets. 

In this blog post, we will delve into the differences and the synergy between security maintenance and support, highlighting their unique roles and importance in safeguarding our digital environments.

Understanding security maintenance

Security maintenance is part of a set of proactive and reactive measures that companies take to protect their systems, applications, and data from potential threats. It involves implementing security best practices, keeping software up to date, and performing regular vulnerability assessments, with the aim to prevent security breaches and minimise the risks associated with cyberattacks.

The key elements of security maintenance are:

1. Vulnerability scanning: Performing continuous vulnerability scans to identify potential weaknesses that can affect infrastructure and applications allows companies to take remedial actions before they are exploited by malicious actors.
2. Patch management: Regularly developing and applying security patches to software, operating systems and applications is crucial for addressing known vulnerabilities and strengthening system resilience.
3. Access controls: Implementing robust access controls, such as strong authentication mechanisms, user permissions, and encryption, ensures that only authorised individuals can access sensitive data and systems.
4. Security assessments: Conducting regular security assessments helps evaluate the effectiveness of existing security measures, identify potential gaps or weaknesses, and implement corrective actions.

Understanding support

While security maintenance focuses on measures to prevent and minimise security risks, support comes into play when issues arise or when additional expertise is required to address specific challenges. Support services provide troubleshooting, break fix, bug fix and guidance to organisations when they encounter difficulties with their technology infrastructure or face complex issues.

The key aspects of support are:

1. Technical assistance: Support services offer knowledgeable experts who can provide guidance, answer questions, and troubleshoot issues related to software, hardware, or network infrastructure. The most relevant and common cases are usually converted into articles as part of a Knowledge Base so that they remain available for future reference.
2. Break fix: Support teams help diagnose and resolve technical problems that impact a system’s stability, performance, or security. They provide timely solutions to minimise downtime and ensure smooth operations.
3. Bug fix: In complex situations, support services provide issue analyses and bug fixes, and can act as a bridge between an organisation and the upstream, when working on open source software. They also speed up the issue resolution when the upstream release schedule is not fast enough to mitigate business critical issues.
4. Incidents’ mitigation: In case of urgent, disruptive issues, support providers not only commit to restoring the system as soon as possible but can also provide tools or offer training and knowledge transfer to empower internal teams to handle similar challenges in the future.

The difference and synergy

Security maintenance and support are complementary aspects of an effective cybersecurity and stability strategy. While security maintenance is part of a continuous process that focuses on measures to proactively protect systems, support is a user-triggered service that comes into play when incidents occur or when additional expertise is required to address complex issues.

By ensuring proper security maintenance, companies can minimise the likelihood of security breaches and vulnerabilities in their systems. However, especially in complex infrastructures, things can break because of corner use cases, bugs or other unforeseen reasons. In all those cases, relying on a support service helps resolve issues promptly and effectively.

Let’s consider an example:

Imagine a financial institution that diligently performs security maintenance activities such as vulnerability scanning, patch management, and access control by itself or with the help of an external provider. Despite their best efforts, they encounter a critical issue that breaks their system and requires immediate restoration. This is where support services become extremely valuable. The support team can quickly analyse the problem, provide expert guidance, and fix any bugs, wrong configurations or wrong component versions that caused the issue. They can also assist in remediation efforts, ensuring minimal impact on the organisation’s operations and customers.

The table below briefly summarises the main aspects that differentiate security maintenance and support:

Security Maintenance	Support
Continuous process	On demand process
Aims to prevent security incidents	Aims to restore systems operability
Patches often distributed broadly	Fixes often applied to specific use cases

Conclusion

While security maintenance and support are closely related, they serve distinct purposes in maintaining a digital environment secure and stable. Security maintenance establishes a strong foundation by implementing preventive measures in a way that is often transparent to the user, while support services provide crucial assistance during incidents or complex issues management in a way that is responsive to the user’s request. Together, they form a powerful combination that helps fortify an organisation’s cybersecurity defences and ensure business continuity.

By prioritising both security maintenance and support, organisations can effectively navigate the ever-evolving threat landscape and protect their valuable data, systems, and reputation.

Working with Canonical

If you are looking for a provider for both security maintenance and support on open source infrastructure and applications, read more about Ubuntu Pro or contact us for more information.