
SANS ISC: New Poll: Which Patch Delivery Schedule Works the Best for You? SANS ISC InfoSec Forums

New Poll: Which Patch Delivery Schedule Works the Best for You?

I've enabled a new poll today in honor of this month's Patch-Tuesday. In your organization, is it easier for you to set aside that 2nd week of the month to focus on security patching, or is it easier for you to integrate security patching into your everyday system administration? I've always felt that if your environment was large enough to have its own vulnerability management team, a steady stream of security advisories was preferable to the shock of all arriving on the same day. However, not everyone is that size, so it may be easier to schedule widespread reboots on Tuesday nights, saving Wednesday for dealing with any consequences (which seem to be happening less often, thankfully).

Which would you prefer in your environment?

Kevin Liston

292 Posts
ISC Handler
May 8th 2012
The big company "Indians Booting Machines" likes the 2nd Tuesday, as that means they can schedule the changes to test on the day of the patch, and the change for production a few days later. So for us that is fine.
A big shop does need changes, and staged rollout. We can't risk taking down thousands of machines. We don't have enough sneakers to fix them all in reasonable time.
Povl H.

77 Posts
For the small organizations I have worked at, the "all at once" approach worked well.

For the larger organization, it helps to stagger things. There are too many people involved to try and do everything at once.

2 Posts
