🐿️
20

The whole 'patch everything immediately' vs 'wait and see' debate is getting louder at my shop

Ngl, I overheard two guys from a local MSP arguing at lunch yesterday about whether you should push patches the day they drop or hold off a week. One guy said his client got locked out of their CRM for 6 hours because a Microsoft update broke their VPN, and the other guy said waiting 7 days got his client hit with that ransomware last October. I'm sitting there thinking, is there a middle ground or is it just picking your poison? My shop deals with a lot of small businesses that run on thin margins, so downtime hits them hard. How do you guys decide on a timeline for patches, especially with critical systems?
2 comments

Log in to join the discussion

Log In
2 Comments
stellat87
stellat875d ago
Wait, didn't Microsoft pause that October patch before ransomware hit though?
5
bencampbell
Yeah but that pause came after the damage was already done for a lot of people. The problem is you can't predict which patch is going to be a dud and which one is a lifesaver. I've seen shops split their clients into two groups - critical systems like domain controllers and firewalls get patched on a 72 hour delay with a test box first, then everything else gets a 7 day grace period. The trick is knowing what's actually critical for each client. A CRM server for a real estate agency needs different treatment than a shipping terminal for a warehouse. You just gotta have those conversations upfront so you're not guessing when something breaks.
5