General discussion


Security patch refusal by Senior Exec.

By mortonl ·
Automatic patch managment systems requires staff to reboot their PCs when Microsoft sends out security updates. This can be very annoying to some staff. We have a senior executive who works with 20-30 files(email, excel docs,etc.etc) open at once and dreads having to close and remember the files that were open. Needless to say, the security patches must be deloyed. Is there a technical solution to capture and restore what's running on the desktop prior to getting the reboot? Or is there any advice for getting this senior excutive to buy into need for security patches?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by w2ktechman In reply to Security patch refusal by ...

whats wrong with changing the updates to install when the system shuts down?

Collapse -

by mortonl In reply to Security patch refusal by ...

I forgot to mention that the Senior Exec never turns off his PC, therefore further complicating patch management during off hours.

Collapse -

by mex_carnal In reply to Security patch refusal by ...

Tell him you have to do your job. What is he going to do fire you for doing your job and making sure your computer (network) is up-to-date with security patches.

There is alot of ways to approach this situation, i just told you what first got into my mind when i read your post.

Good luck,

Collapse -

by w2ktechman In reply to Security patch refusal by ...

well, it has been a while, but configure an auto update at shutdown, and setup a scheduled task to reboot his system at, say 12:30 am every day, every other day, or whatever. Either that or maybe someone needs to manually install them for him while he goes to lunch or something (much more problematic and wasteful.

Or, you can instruct him how to update it and mentio to him the security reasons why he needs to do this.

Collapse -

by OnTheRopes In reply to Security patch refusal by ...

It's nice to see a Senior Exec. do something on a pc besides play solitaire. You might want to acquaint him/her with the "My Recent Documents" folder on the Start menu as well as the document lists that exist under the File menu in most programs including Excel, etc.

I had to create a folder for the "advanced computer user" CEO of a local Fortune 500 Co. where all of his saved files would be stored. Then I showed him the "Date modified" column in Windows Explorer (put a link to Explorer on the desktop".

If the Senior executive is as "knowledgeable" about computers as they seem to be from your question- I have a one-word mantra for you to remember and follow. Backup!

Collapse -

by bschaettle In reply to Security patch refusal by ...

Tell him it's a requirement of Sarbanes-Oxley.

Collapse -

by brudab In reply to Security patch refusal by ...

Annoying or not, the security policy is there for a purpose. Ignore it just once, and you defeat the purpose of having the policy in the first place.

I'd bet if the network crashed once, that same executive will have no qualms blaming you.

Collapse -

by R. A. Caluste In reply to Security patch refusal by ...

Apply the patch but configure it not to reboot system. The patch will be installed but changes will not apply unless the pc is rebooted. Then inform management that IT department will do weekly maintenance on the computers - A/V upgrades, machine reboots.

It should be clearly stated as part of your IT security policy - you should have an IT policy that have the support of the management. Any executive should respect this as part of the company policies.

Related Discussions

Related Forums