May 7, 2012 at 6:12 am
I've become more involved in patching our servers and workstations. I'm curious about how other companies approach this. There always seems to be a big concern about security until the point that patching breaks something. Then management often wants to back off on patching rather than fix the locally written software.
One company I know sets up new sql servers behind multiple firewalls, then never patches the OS or sql again -- at least that's what I've heard.
May 7, 2012 at 12:10 pm
The company where I am currently will only apply Service Packs, reasoning that Hotfixes, bunches of hotfixes like CUs and QFEs are only unit tested, i.e. that Microsoft only guarantees that SPs undergo full regression testing across the whole product therefore they are not safe to apply.
I have heard about the 'never patch' mentality and liken it to the 'if it ain't broke don't fix it' mentality. I see both as dangerous, and the latter in shops riddled with laze and apathy.
There are no special teachers of virtue, because virtue is taught by the whole community.
--Plato
May 7, 2012 at 12:43 pm
i've seen the "never patch" approach at very large fortune 500 companies.
it is usually the practice when the vendor that provided the software no longer exists.
as far as applying patches, we patch DEV and TEST first.
2 weeks later we patch PROD. if within that 2 weeks, the business is required to sign off on the patch.
if the business signs off on the patch, and no testing was done and the app breaks, we role back the patch and give notice that support is no longer available.
that usually gets the testing done......
May 7, 2012 at 1:05 pm
Too bad we don't get more OS and MS Office service packs instead of monthly patches.
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply