IT Support in New Jersey & New York: (347) 351-3031 or (201) 645-1255
Patch Management: Frequently Asked Questions

General Questions About Patch Management

What is patch management?

Patch management is the process by which we determine when to install operating system and third-party updates on our customers’ workstations and servers. 

While updates are critically important for maintaining computer stability and security, any change to a computer’s software can potentially cause driver issues, crashes, and software incompatibility. Patch management entails balancing the need for security and performance improvements against the risk that updates bring.

Why is patching important?
Patching ensures that bugs and vulnerabilities found in the operating system and in other software are repaired (“patched”) promptly after they are discovered by the software vendor. So it means that computers will be more stable (less likely to crash or manifest problems) and less vulnerable to malware.

More stable computers result in a more productive workforce. Less vulnerable computers results in a lower probability of  your data or your customers’ data being hacked, encrypted by ransomware, or stolen.

Do you have to log into my computer to install patches?
Generally speaking, no! We perform patch management from our dashboard, using the RMM agent we have installed on our customers’ computers to “push” the updates that we approve to their devices.  Occasionally, if we see an issue with an update, we may need to remote into your computer directly to resolve the issue, but this is rare.
How do I know if patches are being successfully installed and which patches?
We send out monthly reports to every managed services customer with information about how many patches were allowed, blocked, or failed.

We don’t include details on which specific patches are installed because this info tends to be technical and can be confusing to the end user.

Generally, you don’t need to worry about the details of patching. That’s our job! If there is a problem with patching on one of your devices, we are immediately made aware of it and will take appropriate action.

Why does Windows show certain patches as not having been installed?
Our RMM (remote monitoring and management) agent “side-loads” updates which can bypass the Windows Update database. It’s likely that the tool you ran to view installed updates was checking the Windows Update database which wasn’t accurately showing installed updates.

It’s also possible those updates were blocked or delayed by our engineers because of performance or technical issues.

Why does my computer have to reboot after patching?
Often, a Windows update requires a restart (or “reboot”) of the computer in order to complete the installation of the patch or patches. Delaying the restart can lead to instability in the system until the restart is completed.
I turn my computer off regularly. Isn't this as good as a restart?
Surprisingly, the answer is no. Some patches installations do not complete when the computer is shut down completely and turned back on. Either the computer must automatically reboot (based on our patch policies) or a user must choose the “Restart” option in order for patching to complete.

Do the computers have to be left on every night?
It depends on what kind of computer you have.

  • Windows towers and all-in-ones, as well as all Macs, should be left turned on every night. The reason for this is that regular maintenance (as well as occasional emergency patches) is scheduled to occur at this time. If you’re concerned about energy usage, we encourage you to turn off the screen.
  • Rather than patching and rebooting laptops at night, we complete patching during the day, and the user is prompted to reboot. After five reboot prompts (one every day for five days), the machine will force re-boot, which means it will restart without waiting for you to give permission. To avoid being prompted or having your laptop force a restart, we encourage you to restart your laptop regularly. Please note that, for patching purposes, restarting is not the same as shutting down and starting up your computer. You must actually choose the “Restart” option on your laptop in order for patching to complete.

Why are laptops treated differently from tower and all-in-one workstations?

Laptops are often taken home by users and either used at night or left powered off or in sleep mode. For this reasons, patching them at night can often fail. If patching succeeds, the restart that is required is often inconvenient for the user, who may be using the laptop after hours.

Especially now, as “work from home” becomes the new normal, we want our policies to fit the needs of employees who may be working unconventional or unpredictable hours from home. Our laptop policy allows the user to restart the machine at a time that is most convenient for the user. On the other hand, if the way your team uses their laptops better fits with our tower policy, let us know and we will set all your laptops to follow our tower policy instead. 

For which third-party software does GGIT handle updates?

Here is a list of software that our RMM agent can update.

Patch Reports

What does "approved pending" mean in the Patch Management Summary Report?

“Approved pending” mean that a patch has been approved and will be applied during the next patch management window.

What does "reboot required" mean in the Patch Management Summary Report?

“Reboot required” mean that a patch has been installed, but the computer requires a restart to complete the installation.

ascii logo
Microsoft Partner
Geek Girls IT Services is a Cisco Partner
Geek Girls IT Services is a Cisco Partner
Dell Partner - Computer Services in NJ
Duo MFA Partner - Computer Services in NJ
Dropbox Business Partner Logo

Services

About Us

Contact Us

Geek Girls IT Services, Inc
492C Cedar Lane, Suite 306
Teaneck NJ 07666

Certified New Jersey Women's
Business Enterprise

Copyright 2018-2024 by Geek Girls IT Services | Privacy Policy and Security Notification