Windows Update is a service provided by Microsoft that provides updates for all the existing Microsoft Windows Operating Systems currently being supported (an older OS may not have active patches being created for it).
Microsoft Update is a wholly expanded version of the Windows Update service providing updates and patches not just for the operating system and Internet Explorer, but also for other Microsoft software running under Windows such as Microsoft Office.
Collectively the management of these various update patches is known as Patch Management. These updates are important as there are always improvements to the software's base reliability, performance and security that need to be addressed. Patch Management is a more hands on approach to managing the software patches themselves. It requires an involvement and awareness of the potential ways that the Patch could impact your system.
In many cases I recommend the use of a Managed Services model, not just as a self-promotion method (though it is a service our agency offers), but because the Installation of Patches is being scheduled and handled remotely, it does not have to interfere with your daily business. Meaning that best practices are likely being implemented, and that the impact to the business network is at an absolute minimum (since Patches and Updates can require server restarts and system interruptions) by having them take place in off times and over the weekend. Also, by using a reputable company that provides qualified Managed Services you can be pretty sure that they are aware of the patches that may or may not be beneficial or detrimental to your organization.
A qualified Managed Services provider should take the following steps with regard to installing or applying Windows Updates or Patches.
Approval of Patches
Most often, patches should be deployed in a test environment to ensure that they are error-free and stable, before rolling them out to your entire network. In those cases where a business has multiple departments and / or a team of system administrators, you should ensure that the patches tested by one department are able to be directly approved for deployment, saving time which can be used for other tasks.
Deploy Patches based on missing Microsoft patches or system vulnerabilities, while comparing the Patches with known incompatibilities to ensure successful patching. Patches should be applied at a time where there is minimal network downtime or core business interference. Typically a Managed Service Provider will schedule these patches to occur on evenings or weekends.
You should be provided with regular patch reports, which provide details about your business network, system vulnerability level, missing Windows patches, applicable Windows patches, installations status, etc.
Your Managed Service provider should be:
- Scanning computers regularly to identify any potential missing patches
- Identifying missing patches and downloading them from the appropriate vendors' Web sites
- Downloading patches that are required for your network and scheduling tasks related to patch deployment of those patches that could impact network operations (Server updates).
- Downloading patches that your business requires and automatically installing them on to specific workstations computers
Security Definitions and Antivirus Updates
Antivirus definition updates is quite crucial for all small business enterprises. Antivirus software is critical for all machines that regularly transmit data to / from the internet (send receive email, browse webpages and download content or email attachments). Antivirus definitions are the current list virus / malware / spyware threats that are being actively scanned for and protected against by your Antivirus software. Keeping current Antivirus definitions ensures that you are protected as soon as possible from all new and recently concocted threats.
With the volume of malicious code increasing each year Network Administrators need to keep an eye on these frequent definition updates to avoid any possible mishaps. However, this process can also be made easier by using a Managed Services Provider.
Supported Operating Systems and Applications
Most MSPs will support a long list of software and OS options. If you see that your small business network runs on, and or uses the majority of the software listed below, you may want to consider the value of a Managed Service Provider.
- Windows 7 (Enterprise, Professional, Ultimate)
- Windows Vista (Enterprise, Business, Ultimate)
- Windows Server 2008 R2 (Datacenter, Enterprise & Standard)
- Windows Server 2008 (Standard, Enterprise & Web Server Editions)
- Windows Server 2003 (Standard, Web & Small Business Server Editions)
- Windows XP Professional
- Windows 2000 Professional
- Windows 2000 Server
- Windows 2000 Advanced Server
- Microsoft Office 2003
- Microsoft Office 2007
- Internet Explorer
- Windows Media Player
- .NET Framework
- Direct X