How to avoid getting affected by Vendor’s Bad Updates?

It has become apparent lately that Vendors accidentally release problematic updates for devices and software. These updates introduce a severe threat to business continuity. Moreover, IT departments put a tremendous load to troubleshoot and resolving those incidents. Let’s see what we can do to fortify businesses.

Updates

So why are these updates are Vendor’s trojan horses of so many problems?

The code size is one of the most significant factors. For example, windows 95 has roughly 15 million lines of source code in comparison to Windows 10 that has over 50 million. Another factor is the Speed of source code changes not adequately tested. Many companies cannot trial the updates properly. The Diversity of OS and Versions that receive the updates make this even more complex. Inevitably make end systems of businesses their testing systems.

How can IT Departments prevent this from happening?

Every Business should have a specific IT policy for handling the updates. That should be agreed with the Business management making the expectations and responsibilities very clear.

  1. Group your systems with different criticality. Critical, High, Medium, Low are some of the groups you can use.
  2. Create a group of pilot users that always will receive the client updates first (Windows Updates, other critical updates). Pick mostly power users that will give you good feedback.
  3. Avoid pushing updates the first three days of initial release from the Vendor. Usually, other Businesses are already affected (hopefully not yours), so you will read about those on Tech News.
  4. Set a monthly date for releasing the updates to the pilot user group and devices low group criticality group first.
  5. Set all the remaining servers, users, and devices at a minimum of three days later. That period will give you enough time to react to feedback with potential issues from the pilot groups.
  6. Make sure you have a valid backup before updating. Backup might not seem related to patching, but this is one of the most critical steps and the last resort solution if everything else fails. So, make sure the backup is running correctly before the release of the updates.
  7. In case of Critical Vulnerabilities that leave your systems exposed, you have no option but to patch them immediately. Double-check again that your backup is working.

You can automate 95% of the above, so don’t get overwhelmed by the steps you should follow. Click here to read an article about a recent serious incident that occurred after bad windows 10 update released.

If the above sounds confusing, very technical, or just time-consuming for your current capacity, we are here to help. Contact us by Clicking Here. We are helping businesses to stabilize and optimize their environments. We also offer monitoring as a service if you want us to keep an eye on and alert you if something has indications of the will stop working soon.

IT-Emergencies Team