5 Best Practices for Patch Management

Sysadmins for small and medium sized businesses don’t have the time or the staff to spend weeks working out policies and procedures for patching… they need to get in, get it done, and get on with the other five jobs that they have to complete before lunch time. With that in mind, here’s a list of five best practices for patch management that will help small to mid-sized businesses sysadmins secure their systems with a minimum of effort.
1. Get an application
First and foremost, get yourself a patch management application to help you handle patching. There’s no way you have the time or the resources available to you to patch things by hand. A patch management application will automate almost all of the activities associated with patching so you can focus on getting things done.
2. Test your patches
Even the smallest shops can’t afford to patch without testing first. Too many times a patch is released only to be pulled within a day or so because of problems it causes. Testing patches before deployment helps prevent problems you don’t have time to deal with.
3. Deploy them
Once a patch has been released and you’ve tested it, you need to get it deployed to all your systems as quickly as you can. A good patch management application can quickly and easily deploy patches to all your systems, whether it’s an operating system patch or an update to an application.
4. Confirm them
Once you have decided to deploy a patch, you need to be sure it got onto every system. Sometimes a patch fails, other times a system is turned off or disconnected from the network. You don’t have time to run around checking each and every machine in your network, so get a patch management application that can also confirm the patching status of all your systems.
5. Be able to roll them back
When good patches go bad, you need to be able to roll them back quickly. If you don’t have time to manually patch, you sure don’t have time to unpatch when something goes wrong. Make sure your patch management application can roll back patches in case there’s a problem.
Small to mid-sized businesses need to patch just as much as the big enterprises do. Unlike them, they don’t have an entire team dedicated to patching and remediations… it’s all on you. A good patch management application is the only way an SME sysadmin is going to be able to keep up with the patching demands of their environment. If you’re a sysadmin for an SME, get a good patch management application, test your patches, deploy them and confirm them… and make sure you can roll them back, just in case. The five best practices that will keep patching an easy task for you so you can focus on all the rest of your day jobs.