Home

Do you have scheduled fixed day(s) of a month for downtime to patch each critical system?

Do you have scheduled fixed day(s) of a month for downtime to patch each critical system?

Top Comment: I answered no, because it's not a fixed day of the month.  Rather, we have a weekend each quarter where we negotiate a quarterly I. View poll results (482 responses)

703 views
482 responses
2 upvotes
No45%
Yes, 1 day of the month33%
Yes, 2 days of the month18%
Others (please specify)3%
Related Tags
Anonymous Author
I answered no, because it's not a fixed day of the month.  Rather, we have a weekend each quarter where we negotiate a quarterly IT outage.  In our work on patching what we found was that it was far easier to hold individual applications accountable for finding their own downtime (negotiating the specific duration/date of each outage with their business customers).  But when broader outages were required (think core switches and routing, shared VM infrastructure, etc) that impacted multiple applications -- and maybe multiple critical applications -- it was easier to pre-plan these weekend outages for the year.  Our experience was that initially these outages were more impactful to systems because we were dealing with a lot of deferred maintenance.  But after the first year (4 weekends) the impacts were much more limited in scope (in general).   Our biggest learning was that it was much easier to negotiate the weekends that we needed a year in advance (and then continually remind people that they were coming up!), and that we always had work that needed to be done.  Also, having these scheduled outages allowed for better coordination of support staff when bigger changes were necessary. 
4 upvotes
Anonymous Author
We used to have a fixed day of the month but with modern operating systems we find most patching can now  be done w/out downtime. As others have said, criticals/sev 1 get done ASAP, others can wait, and if downtime is required, scheduled in advance.
2 upvotes
Anonymous Author
Patch scheduling depends on severity (CVSS score). Most are fixed during scheduled maintenance windows, but high and critical are dealt with as needed to remediate as quickly as possible.
1 upvotes
Anonymous Author
High priority security updates are applied ASAP, other updates and upgrades happen monthly during scheduled maintenance window.
1 upvotes
Anonymous Author
Patch agents are receiving patches and updating systems 24/7, the only scheduled activity is a reboot if systems are going more than seven days without restarting 
0 upvotes
Anonymous Author
As needed, and also regular schedule like MS patch Tuesday.
0 upvotes
Anonymous Author
Depends on the criticality of the vulnerabilities. We can do urgent immediate patches if necessary outside the cycle.
0 upvotes