mailing list archives
Re: Getting Off the Patch
From: phocean <0x90 () phocean net>
Date: Fri, 14 Jan 2011 19:22:53 +0100
If you don't do any
testing and don't care then you don't have that work or money to lose
with patching. But I said that already.
I can't leave that one. Seriously and with all the respect I have for
you, have you ever worked for a large company ?
First, there are ALWAYS (we are talking about scaling organisations,
right, not about startups) SEVERAL environments for critical
applications. Not for patching, but for coding, testing, validating and
producing. Each platform can be used for testing the patches. Patch
management doesn't involve additional cost here. It is just the way
production environments work.
Second, companies using critical applications and serious about their
users and environments don't care about the cost of a few more servers
if ever it was required.
I am aware one can find tons of counter examples of big companies
failing in having such processes, but it is an organization problem. Not
a patch management one.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/