Patching – what is it and should you bother?
16th November, 2017
If you’re thinking sewing and homemade quilts, you’re definitely in the wrong place! However, if you carry out this simple task, you should get a much warmer feeling about the security, reliability and performance of your computer systems.
So, what is patching?
Essentially, it is about keeping everything up to date. That’s from the ground up – your servers and operating system through to all of your expensive software that’s critical to your business.
If we compare it to your mobile phone… All those reminders you get from the App Store or Google Play to update your apps – that’s your phone’s equivalent of patching.
On your desk or laptop, the system may be set up to automatically look for updates regularly, although they are likely to want a prompt from you to agree to install them. With this often comes the requirement to close some or all applications, or even restart your computer.
However, not all computers are set up to automatically look for the updates, and so the updates may only happen if you go looking for them.
Why should you bother?
Definitely don’t hide behind the lack of time excuse. Your IT is critical to the running of your business, so put simply you really can’t afford not to do this.
Yes, there may be some down time to your business whilst you install updates, but better that than be affected by a security breach or other vulnerability through not doing it. This opens the whole can of worms that is business continuity/disaster recovery – we will be covering that another day.
In many instances, you can set up updates to install at a time that is less critical to your business, such as outside of core working hours. However, we would still advise someone “babysat” the update, so they can step in if there are any problems.
Doing updates on your server can have wider implications for any third party software you might run, which is business critical. It’s possible the update may mean other software is no longer compatible.
On that basis, is it better to leave it? The answer is an emphatic no! You risk potential security issues for sure.
How do you decide?
We’re hoping you’ve got the message patching is pretty critical by now. But how do you decide exactly what to update?
Before you even think about this, we recommend you have a company wide policy for patching. Ideally, you don’t want individual employees taking matters into their own hands and potentially causing you problems down the line. It is also much easier for you, if you don’t have to check every member of staff’s computer to check all the relevant updates have been done.
Even better, if you implement a centrally deployed and approved managed process, you can ensure all machines are updated. This is often handled remotely using network management tools. This is a task we do for all our clients, so we’d be very pleased to help you, if you want to talk about this.
If you decide you want to handle it yourself…
Well, you definitely need to start with your operating system – irrespective of whether you run PC or Mac. It isn’t unusual to find, even in very big organisations, that there are a number of patches that have not been installed. This is a huge mistake – as these are very often security related.
Now you’ve covered first base, let’s move on to your application software. This is stuff like Microsoft Office and Adobe Reader etc. You need to make sure you are running the latest version, and if not, make sure the version you are running is still supported – Google can help you here! Of course, if you run cloud based software, such as Office 365, this is done for you.
And then comes all the rest… Your accounts software, CRM etc. If you pay for annual support, please make sure you have kept this up to date. We often hear clients bemoan they have paid for support only to find out their software is out of date and the help desk won’t help!
Before you dismiss this as all pretty obvious, we’d like to say sadly that’s not the case. Some very large and well run businesses have fallen fowl of not doing critical patching – and paid the price. The well publicised WannaCry cyber attack certainly made the most of this vulnerability.
If this all sounds like a huge headache, then you’ll be pleased to hear there is an alternative…
We can do a full audit of your IT system and identify what needs patching. And, we can even handle the updates for you. If you’d like to arrange that for your business please contact us on 01784 437 123.