To Patch or Not to Patch
VCalabrese
April 20, 2010 under Services
Should you update your computer or not? For the average home user we would recommend updating the system as often as possible to make sure you are protected against known vulnerabilities, however, for the business user their work computer presents a more challenging decision because the uptime of the system is crucial to the business’ daily operations. When updating any piece of software, especially the operating system, one runs the risk of compromising the operating system, an installed aplication, or a driver. You may run a patch for the operating system (OS) which causes an important application not to function properly. One example of this was when Microsoft released Service Pack 1 (SP1) for Windows XP; although this was a Critical Update that addressed important vulnerabilities it caused significant issues for many applications. Many of these issues were not addressed until Microsoft released Service Pack 2 (SP2) months later. This was a minor nuisance for the average user but was a critical business issue for many organizations. The organizations that were managed by a knowledgeable IT staff did not suffer the same complications as those that were not. Many IT managers, and Managed IT Service Providers did not allow the Service Pack to be deployed because of the various issues they uncovered during testing. This was a relatively easy issue to diagnose because the update was so big that when something broke it was very evident what the issue was. However, there are many smaller patches and updates which get installed silently that have the potential to cause similar issues and are very difficult to diagnose; add to this the variety of environments that are out there and you get an almost endless number of possible outcomes.
A good Managed IT Services organization or IT department runs their own patch/update server and tests every update against the specific environment in question before approving the deployment of the update. This allows the IT administrators to ensure all approved patches will not interfere with the business processes.
Another reason for having professionals manage your patches/updates is that just because a patch is made available by the software manufacturer does not mean that the specific environment requires it. IT administrators can read the release notes put out by the software company and decide whether the patch is important enough to deploy. Reading and understanding the release notes is why a professional is needed to decipher between what should be installed and what should not. As with any profession (doctor, lawyer, accountant) you have to be able to understand the notes and correlate them to the environment in questions, once you understand the ramifications you can decide what is valuable to that specific environment and what is not.
The final and equally as important point occurs when something goes wrong; most users may not be able to reverse the damages caused by an update and may find themselves with a non-functioning system. This would affect the business’ work flow for some time and may even require a professional to intervene in order rectify the situation.
The best thing a business owner can do is to concentrate on what they do best and leave the IT management to seasoned professionals.
Tags: administration, it administration, managed services, patch, service packs, updates, vulnerabilities
Have your Say- Post comments here: 1

