General discussion

Locked

Security patch refusal by Senior Exec.

By mortonl ·
Automatic patch managment systems requires staff to reboot their PCs when Microsoft sends out security updates. This can be very annoying to some staff. We have a senior executive who works with 20-30 files(email, excel docs,etc.etc) open at once and dreads having to close and remember the files that were open. Needless to say, the security patches must be deloyed. Is there a technical solution to capture and restore what's running on the desktop prior to getting the reboot? Or is there any advice for getting this senior excutive to buy into need for security patches?

This conversation is currently closed to new comments.

8 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by dmiles In reply to Security patch refusal by ...

The conventional way want work,so you would ask him how important the files are to him and the risk he is taking by not updating the matches.
Then their is some that believe that the patches are not necessary.

Collapse -

by sgt_shultz In reply to Security patch refusal by ...

think you can offer to do it for him. see what he has open and save it all off, babysit the update, open it all back up. you get great chance to see what he is doing and maybe offer specific value to his work...that ought to impress him how important you consider this to be. otherwise, only thing you can do is you could offer him more control, let him say when the updates go on. at his convenience. at end of project, say. you will have to baby sit that it gets done timely but opportunity to rub elbows with sr exec. it would be very dumb and negligient of you to not let his windows updates run. single best security thing to do ya da ya da

Collapse -

by dmiles In reply to Security patch refusal by ...

The conventional way want work,so you would ask him how important the files are to him and the risk he is taking by not updating the matches.
Then their is some that believe that the patches are not necessary.
Save files as you work is the only way

Collapse -

by CG IT In reply to Security patch refusal by ...

well I use Windows Software Update Service which allows me to do patch management on our network during non work hours. That way no one is interrupted.

Windows Update Service download and install has the option for users to reboot later.

there are other 3rd party patch management tools you can use. Just google key word patch management.

Collapse -

by CG IT In reply to

You posted this twice and on the other question you made a note that the exec never turns off his computer. Great! all the more reason to go to something like WSUS. you can install updates where needed, then send a Magic Packet out network wide to reboot everthing.

Collapse -

by Matthew Yurksaitis In reply to Security patch refusal by ...

The best way to address both the exec's concerns and the concerns of getting security patches deployed is to deploy the patch after work hours when the exec is home and his computer is still on. There are a number of applications which will do this including Tivoli and Microsoft's Software Update Service etc..

Collapse -

by Andrew06 In reply to Security patch refusal by ...

Sorry if this is a stupid idea, but why not make a temp folder on the desktop and SAVE AS all his documents into that folder.

Then when you reboot, log back on and Control + A and hit enter? Open everything up and away you go!

Stupid idea?

Collapse -

by luke.ingerman In reply to Security patch refusal by ...

My organization is using St. Bernard UpdateExpert to manage patch distribution. The software is easy to use and will allow you to schedule updates at any time of the day. You also have the option of whether or not the system should be rebooted after each update, at the end of all updates, or not at all. This has been very helpful for me in my role as Infromation Assurance Officer.

Back to Security Forum
8 total posts (Page 1 of 1)  

Related Discussions

Related Forums