For the past few weeks I've had some really good discussions around patch management. The reasons why some people don't patch, the reasoning behind why people do patch, where it fits into an organization and who's role it typically falls under. All of the conversations have been great and it is clear to me that patching is not just clicking update and walking away. Patch management should be part of a robust, important and thought out procedure in almost every organization. Big and small alike, the processes and challenges are pretty similar for all of us.
As a last brainstorming event on the topic, I thought it would be interesting to play King (or Queen) for a Day. Looking back at the Patch Management process, if you had supreme powers, what would you change? How different would/could the processes look? No need to even ground it in reality if you feel strongly enough about it!
Let's start with reboots becoming a thing of the past. Patch an application or OS and NOT have to restart or incur downtime penalties?!? Revolutionary!
Expulsion from my computerized Kingdom for any vendor requiring manual patching. If you've packaged it up in a way that requires me to manually copy files or change registry entries, you haven't put enough time into your patch. This would be considered a capital offense in my fiefdom.
What would you do if you could just summon your subjects, wave your hand and make it so?
*Reply to this post to earn 50 points and 1 entry to win an iPod Nano