A question of security


I was at a conference yesterday (sadly covered by Chatham House Rule so no juicy snippets) which looked at security of public sector ICT systems, and there was a session which was about malware. Although it was delivered in a matter-of-fact deadpan way, it left me feeling just a little bit nervous (and made me check that “Auto Updates” were enabled on my home PCs, as soon as I walked through the door of Chez Fleming).

I’ll tell you a bit more by the end of the week, but one of the debates was about whether people running bigger ICT systems automatically applied updates (eg Windows Update), or tested them first. Now I’m not sure if you can compare schools and central government departments, so I need a bit of input on the poll below before I’m prepared to say any more…

Comments (3)

  1. apearce says:

    Another thing to think about is WSUS (Windows Software Update Service) which allows the IT Department to approve the windows update before it is roled out to the operating system, office, server products etc.

    You can then set each client to look at the WSUS server and it will download it from there instead of the Microsoft Update site

    You can put computers into different groups and then you can allow that group to have the update for your testing before you apply it to others.

  2. Grumbledook@mac.com says:

    Definitely a case of whether schools have implemented Change Management or Release Management processes (http://becta.org.uk/fits/index.cfm?sect=release&refsect=ntss&bcsect=default)

  3. arichards says:

    We use WSUS to download all the updates from MS. After reviewing them and deciding if they are to be applied our PC's auto update from the WSUS server.

    Our servers get the updates from our WSUS server but we then update them manually on a weekly basis - I don't like the idea of my servers updating and then rebooting without me knowing it.

Skip to main content