Patch Management

Patch Management – Best Practices

Why Does Patch Management Matter?

Simply put, patching is important because of IT governance. As a corporate IT department, you’re held responsible when viruses affect users or applications stop working. It becomes your problem to solve. Securing your organization’s end points against intrusion is your first line of defense. With an increasing number of users working while mobile, simply securing your network through firewalls doesn’t account for company data that’s been taken outside your network perimeter. Proper patching is the best start to securing those devices. Most IT professionals pay attention to security and patching their users’ systems, but how many have a well-honed patch management policy? Patch management is often seen as a trivial task by end users—simply click ‘update’. For administrators, there’s a lot more to it, and a proper policy is certainly not overkill. But what should a patch management policy include apart from deploying patches? Read on to learn how to implement patch management policies, processes and persistence.

1 – Policy

The first step in developing a patch management strategy is to develop a policy that outlines the who, what, how and when of patching your systems. This up-front planning enables you to be proactive instead of reactive. Proactive management anticipates problems in advance and develops policies to deal with them; reactive management adds layer upon layer of hastily thought-up solutions that get cobbled together using bits of string and glue. It’s easy to see which approach will unravel in the event of a crisis. The goal of patch management policy is to effectively identify and fix vulnerabilities. Once you’re notified of a critical weakness, you should immediately know who will deal with it, how it will deployed and how quickly it will be fixed. For example, a simple element of a patch management policy might be that critical or important patches should be applied first.

2 – Discovery

Information comes to you about a newly released patch meant to address a product defect or vulnerability. These notifications can originate from a number of places—LabTech, Automatic Updates, Microsoft’s Security Notification Service. It all depends on which tools you use to monitor and keep your systems up-to-date. In this chapter, we’ll talk about a number of 2 proven tools you can use to manage patching notifications.

3 – Persistence

Policies are useless and processes are futile unless you persist in applying them consistently. Network security requires constant vigilance, not only because new vulnerabilities and patches appear almost daily, but because new processes and tools are constantly being developed to handle the growing problem of keeping systems patched. Effective patch management has become a necessity in today’s information technology environments.

Reasons for this necessity are:

• The ongoing discovery of vulnerabilities in existing operating systems and applications

• The continuing threat of hackers developing applications that exploit those vulnerabilities

• Vendor requirements to patch vulnerabilities via the release of patches.

These points illustrate the need to constantly apply patches to your IT environments. Such a large task is best accomplished following a series of repeatable, automated best practices. Therefore, it’s important to look at patch management as a closed-loop process. It is a series of best practices that have to be repeated regularly on your networks to ensure protection from exposed vulnerabilities.

Patch Management requires:

– Regular rediscovery of systems that may potentially be affected

– Scanning those systems for vulnerabilities

– Downloading patches and patch definition databases

– Deploying patches to systems that need them

4 – Patching Resources

Microsoft updates arrive predictably on Patch Tuesday (the second Tuesday of every month), which means you can plan ahead for testing and deployment. You can get advance notice by subscribing to the security bulletin, which comes out three business days before the release and includes details of the updates. The following is a list of currently available resources you can use when augmenting your patch process, as well as some that can keep you informed of patch-related updates that fall outside the scope of Microsoft updates.

Microsoft Security TechCenter –

SearchSecurity Patch News

Oracle Critical Patch Updates and Security Alerts (Patch Mailing List)

Patch My PC (third-party, free patching)

5 – Patching Tools

Client Management Platform Approving and deploying patches on individual machines is simply not scalable. As your organization grows, it is important to utilize a tool that can automate your patch management process, so your technicians aren’t bogged down with the mundane task of individually patching each machine. A client management platform with built-in patch management capabilities can help. When searching for the right tool, remember to look for one that enables you to:

-Identify, approve, update or ignore patches and hotfixes for one or multiple devices at a group level

-Define patch install windows for an individual device or a group of devices

-Schedule patch installation times and patch reboot times

-Create tickets for all successful patch install jobs

-Provide detailed reports of patch install jobs to your management team


Third-Party Patching Tools

It is important to ensure timely installation of patches, so security holes remain closed not only in the Windows operating system, but also in software products that are used on desktops and servers. A third-party patching tool such as App-Care or Ninite can be used for obtaining, testing and deploying updates to third-party applications. Be sure to look for a third-party patching tool that integrates seamlessly with your client management platform for increased automation and efficiency.



Patch management is a critical process in protecting your systems from known vulnerabilities and exploits that could result in your organization’s systems being compromised. Viruses and malware are just two examples of aggressors that take advantage of these weaknesses and can be especially destructive and difficult to correct. Patches correct bugs, flaws and provide enhancements, which can prevent potential user impact, improve user experience and save your technicians time researching and repairing issues that could have already been resolved or prevented with an existing update. Users generally understand that their systems need to be patched, but they often do not have the expertise to comfortably approve and install patches without help. Developing best practices to manage the risks associated with the approval and deployment of patches is critical to your IT department’s service offering.


This article was provided by our partner Labtech


Service Desk vs Help Desk Services – What’s the Difference?

Service Desk vs. Help Desk. Hmmm. But…aren’t they the same thing?

If that’s your reaction, you’re not alone. It’s generally agreed there’s some gray area involved. So why make a big deal about it?

While strikingly similar at first glance, a closer and more practical look reveals differences that go beyond tomato-tomahto, potato-potahto wordplay. Because each represents a distinct strategic approach, determining whether you need one or both—and understanding why—can impact how your IT organization operates and satisfies customers. Our goal here is to help uncomplicate the topic with some break-it-down basics.

By Definition

In differentiating between the two, ITIL looks at the IT process from beginning to end, mapping how they should be integrated into the overall business strategy. The service desk is a key component of managing the overall process from a strategic ‘big picture’ cross-organizational perspective. It reviews the overall IT processes and functionality. The help desk feeds into the service desk with a tactical, day-to-day role in responding to end-user needs. An overview of specific functions helps clarify.

Service Desk Focus – Client Strategy

Being the first point of contact in an organization for all IT questions, best practices service desks are process and company strategy focused. Functions can be outlined in five ITIL Core Service Lifecycles:

  • Service Strategy: Evaluate current services, modifying and implementing new as required
  • Service Design: Evaluate new services for introduction into business environment and ability to meet existing/future needs
  • Service Transition: Ensure minimal business interruption during transitions
  • Service Operation: Ongoing monitoring of service delivery
  • Continual Service Improvement: Analyze opportunities to improve IT processes/functions

Help Desk Services Ultimate Goal – First Contact Resolution

The help desk is a component of the service desk, most concerned with end-user functionality and providing incident management to ensure customers’ issues are resolved quickly. Tasks include:

  • Computer or software consultations
  • Change and configuration management
  • Problem escalation procedures
  • Problem resolution
  • Single point of contact (SPOC) for IT interruptions
  • Service level agreements
  • Tracking capabilities of all incoming problems

Do You Need Both?

A help desk is an absolute essential for providing actionable, technically skilled resources for problem resolution. Since a service desk generally takes a more proactive stance, addressing issues of a less urgent technical nature, some companies may not yet have need for its broader offerings.

The Bottom Line

Regardless of strategic and tactical differences, the bottom line is help desks and service desks share a common ‘reason for being.’ Their purpose is to meet the ever-heightening expectations of technology users—both internal and external to your organization—for the best possible service experience. If that goal is being successfully accomplished, you can most likely relax about sweating the semantics.

This article was provided by our partner Labtech

4 Patch Management Practices to Keep Your Network Secure

Patching is vital to securing systems from known vulnerabilities, but it’s also a risk that can bring down those systems if you deploy a bad patch. In order to maintain the proper risk balance you should focus on patches that close vulnerabilities.

Even once you establish your risk balance, you are continually under the threat of a CNN story about the latest vulnerability and the unexpected patch that must be deployed to close it. Building repeatable processes that solve this security/availability balance keeps your systems secure and keeps you ahead of emerging threats.

Here are four keys to expert patch management:

1) Solve for Third Party Applications

Hacking has evolved into an organized business looking for the fastest way to exploit as many systems as possible. Secunia’s 2014 Vulnerability Review calls out that 76% of vulnerabilities are related to third party applications, outnumbering Microsoft applications such as Office (16%) and Windows (8%).

2) Manage the 5%

The 95/5 rule is the theory that the majority of patches approved for deployment will apply to most of the systems you manage. The trick is identifying and managing the 5% of exceptions. Although it is tempting to handle patch approval on individual computers, building groups or policies to handle exceptions is the more scalable solution.

Your next step is to identify systems with unique patching requirements and apply exceptions to those systems. If you know a line of business application will fail if an MS-SQL service pack is installed, being able to identify a new system with the same line of business application and automatically deny that service pack avoids a potential service outage.

3) Save Time and Remove Clutter

Most organizations have default approval policies for common patch categories such as critical updates, security updates, language packs and drivers. Being able to automatically approve or deny patches based on category will reduce the number of patches you need to review each Patch Tuesday. With third party applications this becomes more critical as the release cycles for third party applications can reoccur randomly throughout the month.

4) Stage Patch Deployment

Blindly pushing patches to all systems without validation can be a recipe for mass disaster. Microsoft has had several patches in the past year that have had an adverse impact, forcing those that did not test to remove them or deal with the impact.

Patch staging is a process where you apply patch approval to a series of separate groups of systems. Patches are deployed to each group prior to moving on to the next group to validate their quality before releasing them to the majority of your systems. For example:

  • Stage 1: A smaller number of trusted internal systems or lab systems
  • Stage 2: A sample of production systems testing compatibility with line of business applications, while still limiting exposure
  • Stage 3: Release to the rest of your managed systems

Once you are ready to install, avoid patching critical systems all at the same time. You can minimize outages by patching higher risk systems prior to internal systems, patching based on server role to solve for dependencies between servers, or by staggering deployment to different locations within the company. While staggering the deployment of patches to avoid outages, you must also balance the risk of systems that remain unpatched and vulnerable.

These patching best practices are meant for you to adopt and mold to fit your business. The policies you implement should solve for the requirements of your business and the systems you manage. Once you have defined your patching policies, implementing them on regular basis each month is the key to success.



This article was provided by our partner Labtech who provide third party patch management tools to service providers.

8 Trends Shaping Technical Support Services in 2016

Technical support is heavily dictated by technology. Numerous advances in technology have been rapid and have created various paradigm shifts. In recent years, technical support services have changed a lot to catch up with the ever-increasing and diversifying technology trends, not just for business clients, but also for consumers. From “bring your own device” (BYOD) to the use of smartphones and tablets, these massive changes in behavior have impacted the way technical support is delivered.

In 2016, these trends will continue to make life fascinating (and potentially troublesome) for tech support groups. You can expect the trends listed below to continue at least for the rest of the year.

1. Multi-Vendor Calls.

There was a time when a tech company usually only handled their own products though there were a few companies who had multi-vendor customer support as part of their service offerings. Today, whether supporting hardware or software, technical support personnel are expected to be able to assist in cross-platform issues—from supporting apps on Android, to issues with iPhones, as well as having knowledge of multiple operating systems like OS X and Linux.

2. BYOD Calls.

With business apps now available on smartphones, BYOD has become standard for the office. The prevalence of these devices has made it necessary that tech personnel understand the need for training on iOS and Android mobile devices.

3. Chat Support.

Phone support has always been the go-to for companies. However, the 1-800 number is no longer the front line for customer help services. Technical support services via chat, whether on the company web page, on Skype, or other chat and VOIP apps, have been increasing steadily.

4. Support for the Cloud.

Software as a Service (SaaS) and the subsequent Retail as a Service (RaaS) have proven that the cloud is the next great platform. With software and sales systems going to the cloud, support services have to follow. This is probably a good thing because cloud-based systems are more easily accessed and integrated.

5. Social Media as a Service channel, and SEO to optimize sites.

People are utilizing social media to air their questions, regardless if it’s positive or negative feedback. Although it has been recommended that companies do not answer support calls on Facebook, there is simply no way to stem the tide. Solving issues correctly and quickly has become the only way to keep support issues from blowing up on social media, which can potentially be devastating for brand image. If a company has displays great service on social media, expect more people to give it likes on Facebook, Yelp and other social media sites. SEO is also essential to optimize sites and enhance the efficiency of social media platforms. It also helps in generating useful leads for different companies. Have a look at this great site to find more information about the same. SEO and everything else related to it further enhance the quality of customer support, and is therefore, the need of the hour. If you want to learn more on how to have a good SEO, try to look for a consultant like the ones from

6. First Aid Support with Siri.

Not just from Siri on Apple iOS, but also Google Now, Microsoft Cortana, and Amazon’s Echo. These talking digital assistants on mobile devices in the article will continue to become more relevant. People have started talking to their smartphones, and the smartphones have been great at providing answers. Expect them to at the frontline of support very soon.

7. DIY Videos.

There are tons of do-it-yourself videos on YouTube. I remember that my family used to buy YouTube plays for my videos. For some people, this is where they get their information on how to fix things quickly. Technical support services have not yet fully utilized this potential channel, but, they are getting there. Posting tutorials and other helpful videos on YouTube will continue to be a trend. These don’t usually cost too much, and they bring in viewership, which also helps create a larger SEO footprint for companies.

8. Customer Service as a Priority.

Customer support has been traditionally treated as a maintenance service, and as an afterthought to sales. Big IT corporations like IBM know that technical support is a profit center and that having better service results in more people buying a product. Great customer service is now becoming a selling point for products.

Effects and Taking Advantage of these Trends

The mentioned trends are just some of the major changes that directly affect the way technical support services are delivered.

The essence of these changes is immediate support over multiple channels. Each customer is unique, and this will be evident in the type of support they need. Companies who can address this issue or use these trends to their advantage will come out on top in providing the best possible support and assistance to their customers.

Technical support services have been stepping up to match the needs of their clients. With these continuing trends, the tools for better service have been upgraded—leading to better customer service.



reposted from :