June 6, 2011
The health of your IT infrastructure depends on having a comprehensive program for testing and applying software patches and staying current on software upgrades. Upgrades do more than fix program bugs that you may or may not be experiencing – they plug security holes that hackers could use to compromise your systems.
Four best practices to keep your software patched and upgraded:
1) Don’t Become a Target. The National Institute of Standards and Technology (NIST) reports that one of the biggest enablers of malicious software attacks is organizations failing to apply software patches to correct known vulnerabilities.
Tip: Be Proactive. A remote database management service should be able to help you ensure your systems are always patched, current, and safe. America’s genius inventor and statesman Ben Franklin said it right 200 years ago: “An ounce of prevention is worth a pound of cure.”
2) Create a Patch Czar. New patches are released almost daily, and even patches for seemingly ancillary applications are crucial. Your organization needs to select a point person, or tightly focused and on-task committee, to ensure patches are not missed. Most major attacks in the past few years have targeted known vulnerabilities for which patches existed before the outbreaks.
Tip: Reliability is Everything. Whoever is appointed the Master of Patches should have a spreadsheet frame of mind. Find the right person to track patch release and application across all the systems and applications in your IT infrastructure. Also consider offloading the task to a remote database management service, which is set up to manage this role.
3) Test Before Patching. Life ain’t fair. First, the experts say: Patch Immediately! Then they say: Test Before Patching! The correct answer is Yes & Yes. Although the patches are tested before distribution, IT infrastructures are so complex that organizations should have a testbed for ensuring that a patch won’t create unforeseen complications.
Tip: Get Help on Testing. If you’ve got a solid testing group within your organization, make good use of it. Test against your unique infrastructure before you deploy into your production environment. A remote database management service can be a great help here even if you have an internal testing organization, and especially if you don’t. That’s because a well-established remote database management service will have its own testing procedures. They will apply the same patches and upgrades across a diverse set of systems so that your business will benefit from the aggregated testing experience and knowledge.
4) Stay Upgraded. After a company releases a sufficient number of patches, they get around to releasing a new and improved official upgrade to their software. SQL Server 2005 gives way to SQL Server 2008; Oracle 10g gives way to Oracle 11g; and so on with operating systems, application suites, and other key infrastructure components. From an operational standpoint it is easy to think: “We don’t need more bells and whistles.” But beneath the bells and whistles are potentially substantial code updates with which you want to stay current.
Tip: Don’t Get Left Behind. Sometimes it actually makes sense to wait momentarily before deploying the next product upgrade (something that can’t be said about waiting on patches). Yet, if you wait too long, you risk losing product support and creating a more difficult and expensive upgrade path. For example, Microsoft no longer supports SQL Server 2000, even though it is still widely deployed. And the upgrade path isn’t as easy when attempting to leapfrog over product upgrades that you never got around to deploying. The experience of a remote database management service can be an advantage in determining the right time to make your upgrade moves. They will also be able to use their deep product knowledge to help you achieve a swift and effortless upgrade.