Do you have scheduled fixed day(s) of a month for downtime to patch each critical system?

EngineeringSecurity & GRC

No25%

Yes, 1 day of the month47%

Yes, 2 days of the month22%

Others (please specify)5%

lock icon

Please join or sign in to view more content.

971 PARTICIPANTS
5.8k views2 Upvotes11 Comments
Sort By:
Oldest
Director in Finance (non-banking)5 years ago
Patch agents are receiving patches and updating systems 24/7, the only scheduled activity is a reboot if systems are going more than seven days without restarting 
Director Certifications in Education5 years ago
As needed, and also regular schedule like MS patch Tuesday.

Chief Security Officer in Software5 years ago
Patch scheduling depends on severity (CVSS score). Most are fixed during scheduled maintenance windows, but high and critical are dealt with as needed to remediate as quickly as possible.
1
ISSO and Director of the IRU in Healthcare and Biotech5 years ago
Depends on the criticality of the vulnerabilities. We can do urgent immediate patches if necessary outside the cycle.
CIO5 years ago
I answered no, because it's not a fixed day of the month.  Rather, we have a weekend each quarter where we negotiate a quarterly IT outage.  In our work on patching what we found was that it was far easier to hold individual applications accountable for finding their own downtime (negotiating the specific duration/date of each outage with their business customers).  But when broader outages were required (think core switches and routing, shared VM infrastructure, etc) that impacted multiple applications -- and maybe multiple critical applications -- it was easier to pre-plan these weekend outages for the year.  Our experience was that initially these outages were more impactful to systems because we were dealing with a lot of deferred maintenance.  But after the first year (4 weekends) the impacts were much more limited in scope (in general).   Our biggest learning was that it was much easier to negotiate the weekends that we needed a year in advance (and then continually remind people that they were coming up!), and that we always had work that needed to be done.  Also, having these scheduled outages allowed for better coordination of support staff when bigger changes were necessary. 
4

Content you might like

Any recommendations for a comprehensive GenAI learning platform?

EngineeringData & AnalyticsSecurity Strategy & Roadmap+4 more
IT Manager in Constructiona month ago
Hello,
the topic is so broad, what are you focused on?
Read More Comments
4.8k views2 Upvotes5 Comments

What is your primary deciding factor in adopting enterprise search?

Strategy & ArchitectureCloudEnd-User Services & Collaboration+26 more

TCO19%

Pricing26%

Integrations21%

Alignment with Cloud Provider7%

Security10%

Alignment with Existing IT Skills4%

Product / Feature Set7%

Vendor Relationship / Reputation

Other (comment)

View Results
5.7k views3 Upvotes1 Comment

What have been your experiences with using OData with Java and/or .Net?

Applications & PlatformsDatabaseEngineering+1 more
243 views2 Upvotes

Is the metaverse dead, or is it just getting started?

EngineeringDisruptive & Emerging TechnologiesAugmented & Virtual Reality (AR/VR)
Senior Director, Defense Programs in Softwarea year ago
As a buzzword, it’s on life support.
2
Read More Comments
2.8k views2 Upvotes16 Comments

Is flutter flow best for app builder software

Applications & PlatformsCloudContact Center & Telecom+15 more

Yes79%

No20%

1.2k views