Part II of III
On my last blog post we discussed how important it is to patch in today’s technology driven world. I also emphasized how we, as a technology company, have a big focus on making sure our clients are kept up to date with Microsoft’s security updates. What were some of the challenges we came across and how did we overcome them? Why do we only focus on the security updates if there are so many other updates that Microsoft publishes? How did we reach this decision and make it a part of our patching policy?
Well, it all began years ago when we first started our Managed Services offering. As part of the Patch Management service, we would apply mostly all available updates across our clients. It soon became apparent that we were going to need a different method, as systems started to break. Obviously, this was a major problem as we had service level agreements (SLA’s) with our clients and they had their own SLA’s with their clients. So we had a lot of pressure to ensure our customers’ networks remained online at all times, while also staying reasonably current with updates. After spending countless hours across multiple clients troubleshooting different client applications and systems, we soon realized that not all patches were good. What were we accomplishing by installing a patch that would resolve a Windows Media player issue and cause a critical system to stop responding? Once we compared the benefits versus the disadvantages, we soon determined that deploying only critical updates to reduce security risks was the best method.
Now obviously this doesn’t mean we won’t deploy other non-security Microsoft updates ever… Whenever our clients require a non-security update or service pack we create a project plan which allows us to focus our resources for testing and to ensure the requested updates will install properly and reduce any chances for major system outages. To date, this has proven to be the most effective method to test and deploy non-security updates.
Return to Part I of this series, Patch Management 101 or continue to Part III, Third Party Application Patching.
