Question

Draft a Corporate Policy on how patching will be implemented on the Windows Operating Environment. Be sure to include the Servers, Clients, and any associated devices (i.e printers). The policy should be as detailed as possible. Please type it not write it and take a picture, it is hard to read it

Answer 1

Patching is the process of installing or updating the operating system with a patch.
A patch contains updates for the application and which application or version of application can update it.
A patch may contain an entire file or only the file/files bits necessary to update or install part of the required file/files.It is used to update the servers as well as clients.
Due to software vulnerabilities, you apply a patch today, the new vulnerabilities must be addressed tomorrow.
Standards to develop and automate patching process that must include each of the following for security reasons:

1.Detection.
Using tools to scan systems for missing security patches and related patches to avoid security attacks as security is main concern. Otherwise it can be used to improve the performance of the system (OS).
The detection should be automated as per directives to trigger the patching process as to avoid unnecessary overload.
It must be customized to user or user specific.

2. Assess to Patch/Patches
If necessary updates are not installed according to specification, determine the severity of the issue(s) addressed by the patch and the mitigating factors to avoid issues, that may influence decisions.
By balancing the severity of the issue and mitigating factors, it is determined if the vulnerabilities are a threat to system.

3. Acquire the suitable patch
If the vulnerabilities are not addressed by the security reasons/measures already in place, then perform testing using the standard or most suitable patch.

4. Test the patch/patches
Start patching on a test system to verify the ramifications and implications of the update against required configuration.

5. Deploy the patch/patches
Deploy the patches to user computers/servers. confirm that applications are not affected. If not suitable/power failure/system configuration then rollback or backup restore plan if needed.

6. Maintenance of the patches
Subscribe to notifications which will help to know vulnerabilities as vulnerabilities are reported/informed.
Begin the patching if vulnerabilities are reported.