MSP Business
How to Handle Updates and Patches Properly
Installing patches in order to keep software up to date is a core part of virtually every admin's job. But to be the best admin you can be, it's important to manage updates in a way that disrupts your users as little as possible, while also making efficient use of your own time.
Otherwise, you run the risk that installing patches and updates will create new problems (like causing downtime for business-critical systems) even as it solves existing ones.
This article offers tips on avoiding that outcome by identifying steps for working with updates and patches.
Reasons to Install Updates and Patches
In order to take a healthy approach to patch management, you should start by understanding why you install patches and updates in the first place.
This may seem like a silly topic; after all, most admins know almost intuitively that installing updates is important. But it's easy to fall into the trap of treating updates as something you have to do "just because." That thinking can undercut your motivation to streamline patch and update management.
To develop a healthier perspective, focus on the end result of patches and updates:
- Addressing security vulnerabilities that could lead to major risks for your business (and major headaches for the IT team).
- Fixing performance problems that cause a frustrating user experience, and that may also make apps harder to manage.
- Solving reliability issues that could cause important systems to fail.
When you think of patches and updates in these terms, it becomes easier to motivate yourself to go out and take the most efficient and consistent approach possible to patch management.
Further reading Patch Management Best Practices
Tips for Streamlining Updates and Patches
When it comes time to perform actual updates or patch installation, there are a variety of ways to ensure that the process is as smooth as possible for both the IT team and for end users.
Think from the User's Perspective
In addition to tracking patches and updates from the viewpoint of the IT team, think about what the end user experiences when patches are applied to systems that he or she uses. Do the updates happen completely automatically in the background? Does the user have to approve updates? Does an admin come on site and take over the user's computer temporarily to perform updates?
Thinking from the user's perspective about patches and updates will help you design a patch management process that minimizes disruption to users.
Be Prepared to Support Users
Along similar lines, be sure to have a support system in place for handling instances where a patch creates disruptions for users. Can you give them temporary access to a backup system to minimize the disruption? How will you provide assistance if they are asked to install patches themselves and something goes wrong?
Further reading Patching up the Network: Why MSPs Must Start with Device Identification
Manage Patches on a Per-User Basis
Don't take a one-size-fits-all approach to patches and updates. Tailor your patch management policies and schedules to different departments or individual users. The times of day when patch installation causes the least disruption could vary by department, for example.
Communicate the Importance of Patching to Your Team
As noted above, it can be easy for technicians to think of update and patch installation as mundane work that is relatively unimportant. To quell this mindset, be sure to educate your entire team on the importance of patches. Help them understand how patches and updates protect the business and make the IT team's work easier in the long run.
Set Patch Priority Timeframes
Identify ahead of time how quickly you will install different types of patches. Typically, critical patches should be installed immediately. But those that fix issues of lesser severity can be tested before deployment to production systems.
In a similar vein, designating preset days and times for installing non-critical patches allows users to know when to expect patches and minimizes the risk of unanticipated disruptions.
Further reading Patch Management Policy
How RMM Tools Can Help with Updates
In most cases, remote monitoring and management (RMM) tools are an essential part of any efficient patch management strategy.
In addition to helping to build IT asset inventories and determine the patch status of individual systems, RMM tools can automate the patch installation process. They can also help you monitor for failed updates. And they are a convenient way to deploy patches to test environments in instances where you want to test the patch before production installation.
Try patch management with MSP360 RMM - start a fully functional 15-day trial and see the benefits for yourself - this solution will help you make your patch management routines more efficient, flexible and reliable.
Further reading What is RMM? Remote Monitoring and Management Basics
Conclusion
The best patch management strategy not only ensures that patches are installed when and where they need to be, but also that patching and update routines cause minimal disruption to end users, while also reducing the burden placed on the IT team.