In the modern world we’re always striving to stay up to date in the fight for protection against hackers. Patch management is a must for modern-day security, though always updating to the latest and greatest can sometimes cause unforeseen issues in your IT environment.
This means there’s a balancing act between being completely updated, testing updates and preventing disaster with third-party software. Recently at IronTree we saw an example of why this balancing act is so key to businesses.
We recently patched all updates that Microsoft released through their update channel, but a Windows feature preview caused issues in our data centre and across our customer base. Something as simple as a Windows preview broke Remote Desktop Protocol which meant customers were unable to access their servers. This was a rare occasion where being up-to-date took us a few steps back. We inadvertently broke our own environment as being completely up-to-date wasn’t yet suitable for some of our vendors, who hadn’t released their own updates yet.
To avoid future complications with updates and the rush to stay on top of the game, we’ve amended our update strategy to install only the most critical updates immediately. We then wait a little bit for vendors to update their own software before we install the less important updates.
We’ve also found that a sandbox environment, wherein we can run updates and test they don’t break the system, is a handy way to ensure that staying updated isn’t putting us or our customers at risk. By applying caution in this way, we’re able to have the latest and greatest in disaster prevention without risking systems.