E-BUSINESS SPECIAL REPORT
Windows Updates: Enough Already!

With an enormous volume of code comes the need to keep it current, and Microsoft (Nasdaq: MSFT) has been relentless in this task, issuing scores of updates and patches every day. In fact, staying on top of Windows updates has become a tricky endeavor for IT managers, who often must maintain hundreds or thousands of machines, sometimes equipped with different operating systems and various applications.

Although the steady deluge of updates from Redmond is enough to weary an already-taxed IT staff, there are ways to streamline the process. By developing an update plan and devoting appropriate resources to the effort, it is easier to keep applications current without overburdening the IT department.

Covering the Holes

For some, it may seem that Microsoft could find a better way to release updates, rather than delivering a daily wave of service packs, hotfixes and security patches.

Unfortunately for overworked update gurus, this model does not appear poised for an update.

"[The executives at Microsoft] don't have a choice," Yankee Group senior analyst Dana Gardner told the E-Commerce Times. "If they discover a problem and don't issue a patch right away, and someone later finds out that they knew but didn't attempt to fix it, they could face serious liability issues."

In other words, get used to it. As Gardner said: "It's incumbent on the supplier to warn customers when issues are discovered. That means a steady stream of patches, alerts and updates."

Planning Ahead

Simply because updates will continue to arrive in wave after wave is no reason to stay on the shore and avoid the water, however. There are sound strategies for tackling the update process, starting with a clear plan of attack.

As part of this plan, updates should not be viewed simply as noxious busywork, but as an important task for any IT department. Although such a task can seem overwhelming when considering the number of computers that need to be maintained every day, there are ways to make the work less intimidating.

"Break it into small parts," Gardner said. "Understand what updates need to be done and where, and then you can figure out what kind of resources you need to do it. Maybe you'll need to divide the updating duties [among] several people and make each of them responsible for certain machines. Maybe you need to add some software."

Mapping out an update schedule and assigning responsibility for seeing that it is followed is the first step toward surfing the update wave in style.

Staffing Solution

The burden of updates may be felt most at firms with limited resources or at educational institutions that are rich in technology but poor in staff.

Edmond Cooley, director of IT at Dartmouth College, told the E-Commerce Times that in these tough budget times, the upgrade process can be difficult.

"At times, it's murderous," he said. "The good news is that Microsoft is keeping up with the security issues, but the bad news is how much time it takes us, since we run a couple different OSes on campus."

Dartmouth's tactic is to parcel out the work by having one person monitor the update list daily to see which patches may be relevant, then tapping all IT staffers to complete the necessary work.

"I do some personally and look at the update list as well," Cooley said, "because I know that for some systems, if anything goes wrong, I'm the first one people will come to."

Ware House

Not all update work involves manual labor, however; there are some software options that IT departments can consider.

For example, Microsoft sells Systems Management Server (SMS) software, which deploys applications, updates and operating systems over an enterprise's network. The software, which is priced according to the number of client access licenses (CALs) needed, starts at US$1,129 for 10 CALs. CAL pricing varies, but as a point of comparison, an individual Windows 2000 CAL (without the SMS software) costs $30.

For those who prefer lower licensing costs, even if it means more work, there are products like Norton Ghost 2003 from Symantec (Nasdaq: SYMC) ($559 for 10 installation licenses), which allows imaging and backup sessions without the use of the traditional DOS shell and boot diskette.

Another update helper is the multiplatform netOctopus from Netopia, which can schedule and run updates or new software rollouts from a centralized location. The cost is $65 for 10 nodes.

Chin Up

As unusual as it may sound, an enterprise's overall update strategy should perhaps involve a sense of acceptance about the Microsoft daily deluge.

As Aberdeen Group analyst Peter Kastner told the E-Commerce Times, "I think Microsoft is getting a bum rap." The company's strategy of continual updates may make IT departments groan, he said, but it sure beats the alternative: buggy applications and security holes.

"Whenever a security flaw is found, they fix it as quickly as possible and push it out to the subscriber through a free update service," Kastner noted. "Would it be easier if they made bug-free code? Sure. And someday the sun will explode."

Until the sun bursts, those in IT will simply have to start planning, look on the bright side and decide which updates to install.