Let’s not try to pretend that patch management is an exciting subject. It’s not. Convincing clients of its importance can, however, be tricky. Do you know the importance of a patch management service?
Non-technical people have no interest whatsoever in a newly discovered “buffer overrun vulnerability.” To them, this just sounds like technical mumbo-jumbo. While users may sometimes notice updates being installed, they are unlikely to have any idea what they are and how important they can be.
So, how do you make clients take an interest and convince them that investing money (ideally with your company) is a sound and necessary business decision?
The key is to make customers understand the possible implications of failing to stay on top of the myriad patches and updates that must be installed to keep their systems secure and stable. It’s best to explain these issues in business terms, rather than blinding them with science.
Consider making use of the following points, or join the entertaining Ian Trump next week Friday, the 26th of February, at 12:30 PM for the “Patch Management Webinar: Sometimes it only takes one device…” where he will cover this and more:
- Patches and updates are always released for a reason, and failing to install them can mean that systems are wide open to hacking attempts and privacy risks.
- The consequences of falling victim to an unpatched vulnerability could involve anything from loss of crucial data to an embarrassing security breach. This could result in potential loss of revenue due to malicious programs such as Ransomware (encrypts your data then tells you to pay for the code to decrypt aka get access to your data).
- Patch management doesn’t end with making sure basic operating system updates are installed. To be effective, a patch management service also needs to cover everything from updates to Web plugins such as Flash used on user’s PCs, to the content management platforms driving company websites.
- Just because failing to stay abreast of updates hasn’t caused a disruptive system problem in the past, it doesn’t mean it won’t in the future.
- Manual patching is repetitive and time consuming for the IT department. Investing in a managed solution may result in fewer billed hours and a smaller overall IT support bill.
- Patching too soon can have an equally detrimental effect as patching too late. If a new patch causes compatibility issues and is rolled out across the network without proper testing, the outcome could be system downtime that leads to lost business revenue. This highlights the importance of dealing with patching in an organised fashion by making use of a test environment to confirm compatibility.
- Servers need patching as frequently, if not more often than PCs. To avoid disruption to the business this means updating them outside of working hours. Without a patch management service system that helps the IT department to update servers from a distance, or in an unattended way, the likely outcome will be bills for out-of-hours IT work.