For those of you who work inoperations that don't haave a clue, follow along, it is real easy....

1) There is something called a test environment that replicates your production as closely as possible. How about testing those patches first on these boxes?

2) There is also something called due diligence....get on board and stop covering for lazy irresponsible co-workers/managers who don't want to do their part regarding above said due diligence.

3) Finally, there is another thing called business continuity...in case the above fails and the patch does break the box...you fail over to another co-location or system...

Learn some basic definitions and how to put them to use. Whoever has a problem with this article needs to quit their complaining about doing the job you are paid for and stop being part of the problem. It is bad enough that software vendors and coders are churing out flawed software everywhere. But not doing anything about it when the patches are out and options are clearly available to deal with the situation to limit your vulnerabilities to the smallest possible degree is now your problem, not just the vendors.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/74/11947#11947