Blog Archives – Page 17 of 31

test

Do you have control of your Office 365 data? Do you have access to all the items you need?

The typical reaction is, “Microsoft takes care of it all.”

Microsoft takes care of quite a bit and provides a great service for their customers. However, Microsoft’s primary focus is on managing the Office 365 infrastructure and maintaining uptime to users. They are empowering YOU with the responsibility of your data. The misconception that Microsoft fully backs up your data on your behalf is quite common, and without a shift in mindset, could have damaging repercussions when this responsibility is left unattended. Ultimately, you need to ensure you have access to, and control over, your Exchange Online, SharePoint Online and OneDrive for Business data.

The misunderstanding falls between Microsoft’s perceived responsibility and the user’s actual responsibility of protection and long-term retention of their Office 365 data. The backup and recoverability that Microsoft provides and what users assume they are getting are often different. Meaning, aside from the standard precautions Office 365 has in place, you may need to re-assess the level of control you have of your data and how much access you truly have to it.

As a robust and highly capable Software as a Service (SaaS) platform, Microsoft Office 365 fits the needs of many organizations perfectly. Office 365 provides application Availability and uptime to ensure users never skip a beat, but an Office 365 backup can protect you against many other security threats.

6 reasons why backing up
Office 365 is critical

1. Accidental Deletion

If you delete a user, whether you meant to or not, that deletion is replicated across the network, along with the deletion of their personal SharePoint site and their OneDrive data. Native recycle bins and version histories included in Office 365 can only protect you from data loss in a limited way, which can turn a simple recovery from a proper backup into a big problem after Office 365 has geo-redundantly deleted the data forever, or it has fallen out of the retention period.

There are two types of deletions in the Office 365 platform, soft delete and hard delete. An example of soft delete is emptying the Deleted Items folder. It is also referred to as “Permanently Deleted.” In this case, permanent is not completely permanent, as the item can still be found in the Recoverable Items mailbox. A hard delete is when an item is tagged to be purged from the mailbox database completely. Once this happens, it is unrecoverable, period.

2. Retention Policy Gaps and Confusion

The fast pace of business in the digital age lends itself to continuously evolving policies, including retention policies that are difficult to keep up with, let alone manage. Just like hard and soft delete, Office 365 has limited backup and retention policies that can only fend off situational data loss and is not intended to be an all-encompassing backup solution.

Another type of recovery, a point-in-time restoration of mailbox items, is not in scope with Microsoft. In the case of a catastrophic issue, a backup solution can provide the ability to roll back to a previous point-in-time prior to this issue and saving the day.

With an Office 365 backup solution, there are no retention policy gaps or restore inflexibility. Short term backups or long-term archives, granular or point-in-time restores, everything is at your fingertips making data recovery fast, easy and reliable.

3. Internal Security Threats

The idea of a security threat suggests hackers and viruses. However, businesses experience threats from the inside, and they are happening more often than you think. Organizations fall victim to threats posed by their very own employees, both intentionally and unintentionally.

Access to files and contacts changes so quickly, it can be hard to keep an eye on those in which you’ve installed the most trust. Microsoft has no way of knowing the difference between a regular user and a terminated employee attempting to delete critical company data before they depart. In addition, some users unknowingly create serious threats by downloading infected files or accidentally leaking usernames and passwords to sites they thought they could trust.

Another example is evidence tampering. Imagine an employee strategically deleting incriminating emails or files — keeping these objects out of the reach of the legal, compliance or HR departments.

4. External Security Threats

Malware and viruses, like ransomware, have done serious damage to organizations across the globe. Not only is company reputation at risk, but the privacy and security of internal and customer data as well.

External threats can sneak in through emails and attachments, and it isn’t always enough to educate users on what to look out for — especially when the infected messages seem so compelling. Exchange Online’s limited backup/recovery functions are inadequate to handle serious attacks. Regular backups will help ensure a separate copy of your data is uninfected and that you can recover quickly.

5. Legal and Compliance Requirements

Sometimes you need to unexpectedly retrieve emails, files or other types of data amid legal action. Microsoft has built in a couple safety nets, (Litigation Hold) but again, these are not a robust backup solution capable of keeping your company out of legal trouble. For example, if you accidentally delete a user, their on-hold mailbox, personal SharePoint site and OneDrive account is also deleted.

Legal requirements, compliance requirements and access regulations vary between industries and countries, but fines, penalties and legal disputes are three things you want to avoid.

6. Managing Hybrid Email Deployments and Migrations to Office 365

Organizations that adopt Office 365 typically need a window of time to serve as a transition window between on-premises Exchange and Office 365 Exchange Online. Some even leave a small portion of their legacy system in place to have added flexibility and additional control. These hybrid email deployments are common yet pose additional management challenges.

The right Office 365 backup solution should be able to handle hybrid email deployments, and treat exchange data the same, making the source location irrelevant.

Conclusion

Whether you are considering moving your organization to Microsoft Office 365 or have already embraced the benefits of Office 365 within your organization, find a backup solution that offers you both complete access and complete control of your Office 365 data and avoid the unnecessary risks of data loss.

Future of Data Growth

I’m certain anyone reading this is well aware of the statistics about Data growth and how it is impacting storage requirements across all industries. This isn’t a new challenge in our industry, but the conversation does have an added twist when we consider the impact of IoT. We commonly read about companies experiencing anywhere from 20% to 50% year over year growth. The terms “exploding!”, “explosive”, and “exponential” are usually found in articles associated with data growth (and now I’ve used all three in one post). While this data growth continues to be spurred on by the traditional sources associated with business data (databases, documents, email, etc.), we are seeing even greater capacity requirements being generated by IoT devices.

For this post, when I speak of data from IoT, I am lumping together data generated by security video, temperature gauges, vibration sensors, connected cars… you get the idea. In fact, according to some sources, IoT data is 10x the growth of that associated with traditional data sets. And, IDC estimates IoT devices will grow to 28.1 Billion by 2020. So, data collected from these devices, and storage solutions needed to maintain this data, will become increasingly important.

Storage for IoT Data

Among our clients, we see a tremendous growth in the need for storage to maintain Security Surveillance Video. Beyond simply providing a place for video streams to be written, our clients are analyzing the video; utilizing software to perform anomaly detection, facial recognition, etc. I shared a couple posts recently, written by two of my colleagues at Zunesis, that expands on this topic. And, Analytics isn’t isolated to video only. The value of IoT devices is that they capture data at the edge, where it is happening, and this is true across all IoT devices. Once collected, software can perform analysis of the data to derive meaning beyond the data points and, in many cases, produce actionable insights. So, storage required for IoT data needs to be able to hit large scale quickly and have performance characteristics that allow analytics in near real time. And, of course, this storage still needs to provide reliability and availability associated with any business-critical data.

To meet the storage requirements defined above, HPE has created a hardware platform and partnered with two software defined storage (SDS) companies to provide solutions for scale-out storage that will grow from a couple hundred terabytes to petabytes and provide both the reliability and performance required of the data generated by the ever-expanding number of IoT devices. The HPE hardware is part of the HPE Apollo family. The software that utilizes this hardware comes from Software Defined Storage providers, Qumulo and Scality. Here is a summary for each of these solution components:

The Apollo Family of compute and storage:

The Apollo Family of systems from HPE are each designed to provide compute, storage, and networking that meet the needs of both scale-up and scale-out requirements. They are targeted at workloads supporting Big Data, analytics, object storage and high-performance computing.

The scale-out compute part of the HPE Apollo System portfolio includes the Apollo 2000 System for hyperscale and general-purpose scale-out computing, the Apollo 4000 System Family is targeted at Big Data analytics and object storage while the Apollo 6000 and 8000 Systems are designed to support HPC and supercomputing. Density, ease of management (all incorporate HPE iLO management), and efficient rack-scalability are features shared by all members of the portfolio.

Qumulo File Fabric (QF2)

Qumulo is a software defined scale-out NAS that scales to billions of files in a flash-first design. With the Apollo/Scality solution, you can scale from 200TB to over 5PB of usable capacity. This solution uses advanced block-level erasure coding and up-to-the minute analytics for actionable data management. The file services provided by Qumulo are also supported in the public cloud, currently on Amazon Web Services.

Use cases include:

Media & Entertainment
Security Video
Life Sciences & Medical Research
Higher Education
Automotive
Oil & Gas
Large Scale Online/Internet
Telco/Cable/Satellite
Earth Sciences

Scality RING

Scality is a a software defined Scalable Object Storage solution that supports trillions of objects in a single namespace. With the Apollo/Qumulo solution, you can scale to over 5PB of usable capacity. The access and storage layers can be scaled independently to thousands of nodes that can be accessed directly and concurrently with no added latency.

Use cases include:

Media & Entertainment
Security Video
Financial Services
Medical Imaging
Service Providers
Backup Storage
Public Sector

So, yes, data footprint is growing and won’t be slowing down anytime soon. If your data set is outside the traditional business data sets and requires scale-out storage that supports large numbers of files and the ability to perform actionable analysis quickly, then you probably need to look outside of the traditional scale-up storage solutions and look at solutions purpose-built for these large-scale workloads. HPE Apollo, Qumulo, and Scality are a great starting point for your research.

Simple, Secure, Scalable

One solution I have found that lives up to those key words is Aruba’s new SD Branch solution. This solution is intended to help enterprise customers modernize their branch networks for the ever-evolving network requirements that IT needs to support. According to Aruba, the new SD Branch offering is

“Ideally suited for distributed enterprises undergoing digital transformation, Aruba SD-Branch delivers optimized branch experiences with simplicity at enterprise scale and integrated, best-in-class security. Retail, hospitality, and healthcare organizations can manage SD-WAN, WLAN, LAN, and unified policy for thousands of sites in the cloud.”

But how is it delivering on those marketing key-words?

Simplicity for the Distributed Enterprise

Within the branch, Aruba’s new service offers granular QoS through application, user, and device contextual awareness. This functionality also extends across the WAN for SaaS, mobile UC, and other remote applications. This is meant to simplify how LAN and WAN traffic gets prioritized and routed, both inside and outside of the branches, giving IT teams the ability to deliver a consistent experience across the organization regardless of device type, user role within the organization, or physical location on the network.

Integrated Security

Of course, security is a major concern with basically any new tech offering. Aruba offers intra-branch and WAN policy enforcement capabilities that are both automated and granular. Aruba has a new set of Aruba 360 security exchange technology partners that deliver cloud-based firewall and threat protection to help IT keep all of the organization’s digital assets safe and protected.

Scalability

Aruba’s SD Branch solution is managed and configured in the cloud using a tool called Aruba Central. Central has been around for a while now and is most commonly used to manage large dispersed wireless access. The management functionality, along with the new “WAN analytics” piece I discussed above, have been extended to include the branch gateways at each location. Being a cloud management tool first and foremost Central can scale to meet the demands of any network (as they have been doing for years with some of Aruba’s largest dispersed customers), so customers have the peace of mind that their investment will be protected, no matter how large they grow, for years to come.

Simple, Secure, Scalable

If you follow the announcements from major networking vendors you will have noticed a trend, at least in the marketing, for new solutions that are emerging from these companies. Every whitepaper or datasheet you read will have the key words “Simple”, “Secure”, and “Scalable” littered throughout the document. The reason for this is because, from a high level, these are some of the most important factors for customers when making a purchasing decision.

One solution I have found that lives up to those key words is Aruba’s new SD Branch solution. This solution is intended to help enterprise customers modernize their branch networks for the ever-evolving network requirements that IT needs to support. According to Aruba, the new SD Branch offering is

But how is it delivering on those marketing key-words?

Simplicity for the Distributed Enterprise

For enterprises, this new SD-Branch solution offers cloud-based management option that allows them to provide remote, centralized provisioning and management of both wired and wireless connections within the branch and through WAN and internet connections in the SD-WAN infrastructure. The idea behind it is to give IT the ability to implement new services and make network changes quickly even across huge environments that are distributed throughout different locations and departments. So you can manage everything from one centralized console without needing multiple programs for different functions or parts of the enterprise.

Within the branch, Aruba’s new service offers granular QoS through application, user, and device contextual awareness. This functionality also extends across the WAN for SaaS, mobile UC, and other remote applications. This is meant to simplify how LAN and WAN traffic gets prioritized and routed, both inside and outside of the branches, giving IT teams the ability to deliver a consistent experience across the organization regardless of device type, user role within the organization, or physical location on the network.

Integrated Security

Scalability

Video Analytics and Theft

Imagine a manufacturing company with an 80,000 square foot plant, multiple exits and shipping docks, 200 employees and several products which are as small as the palm of a hand or as big as the flatbed of a pickup truck.

Obviously a lot of elements to this scenario. Now imagine there has been theft which has been taking place during and after hours of operation. This threat has been going on for at least six months and product loss has started to affect cost of goods.

This is where video analytics comes into play. Now, there might (actually should) be video cameras set up throughout the facility, but they are missing the video analytics component. With video analytics, the possibilities of detection are endless and evolving every day.

Anomaly Detection

The specific package for this scenario could be “Anomaly Detection.” Anomaly detection has the ability to pick up on something that is not deemed normal in any environment. For example, if all employees are wearing uniforms, but there’s one individual who is not wearing a uniform and is hanging around an exit door or shipping document, this would send an alert for security to investigate.

Or another example would be if running wasn’t allowed in the facility, and cameras show two or three individuals (wearing uniforms) running towards an exit door. Is there a fire, emergency or are they actually trying to steal something? Another possibility is there is supposed to be 7 employees in a designated area and there are only 6 or more than 7, anomaly detection has the ability to send out an alert to specific personnel to investigate the abnormal activity.

Facial Recognition

Video Anomaly Detection Another package for this scenario could be “Facial Recognition.” Maybe the facility doesn’t have uniforms for its employees, but through the use of Facial recognition, the organization knows exactly who’s working for the company and where their work-station is. Each morning or evening when employees walk, facial recognition could identify all the certified employees. However, what if one person wasn’t identified. Who is he/she? Where is he/she? What is he/she doing? Again, another alert could be sent to Security to investigate.

Maybe there’s a specific section of the plant where the majority of theft is taking place. Facial Recognition could identify the employees who have that work station and Anomaly detection might be able to identify abnormal activity from a specific employee or employees.

The options and scenarios are endless and over time, video analytics has the ability to self-learn. By Machine Learning, the ability to identify abnormal activities will continue to multiply and also identify exactly who is supposed to be (and not supposed to be) where and when.

This is just one example where video analytics could be useful in so many ways; safety, cost-efficiency, theft prevention, security, etc.

More Scenarios

A casino would be able to identify when a ‘high-roller’ walks into their establishment. The concierge would greet that person with the ‘VIP’ treatment (i.e. favorite beverage, favorite table, etc.). It would also be able to identify abnormalities which could spot card-counters or cheating in anyway. Underage gambling may also be reduced due to facial recognition. Addicted gamblers could be removed from the building if they put themselves on a self-ban list.

An issue at the forefront right now and probably the most important issue at hand is children’s safety in schools. Anomaly detection would be able to detect if a person should or should not be in a specific location of the school. Facial recognition could identify whether the person is a student, employee or security guard. If not, alerts can be executed and initiate all sorts of preventative measures (classroom doors auto-lock, 911 notified, security guards sent to the specific area, etc.).

What about school buses? Facial recognition would be able to identify and count the number of children on a specific bus. If John or Jane Smith is not on the bus, an alert would be notified. Anomaly detection could identify bullying or fighting or any abnormal behavior taking place on the bus. What if a random person tried to board the bus?

Again, the options are endless. There will be a lot of learning from a human standpoint and a machine learning standpoint. As listed here, I think we all would agree there are certain areas which need to be implemented as soon as possible.

We recently put out a quiz that lets you know what kind of IT Superhero you are. (If you haven’t taken it, go take it now! https://www.zunesis.com/it-super-hero-quiz ) The personality types we highlighted in this quiz, and their respective IT superheroes, got me thinking. It all reminded me of another famous comic team who was a huge part of my childhood: The Teenage Mutant Ninja Turtles. The parallels were pretty shockingly accurate and represents the colorful personalities we interact with in our industry every day.

The “Leonardo”- The IT Leader.

Leonardo is the eldest brother and represents the most traditional line of IT experts. Known to take charge, lead by example, and be the most in-line with traditional Ninja teachings. People in the IT industry that fit the “Leonardo-type” have often times been in the game the longest. This type of IT leader will typically be very experienced in dealing with IT solutions and want to do whatever necessary to keep their organization up and running, however they are often more averse to change or implementing strategies they are unfamiliar with. They are proponents of traditional infrastructure processes as much as Leonardo is a proponent of traditional Ninja methodology.

The “Raphael” – The IT Rebel

This type of IT professional is seen frequently in our industry. They often work diligently at assisting, and sometimes opposing, with the Raphael “Leonardo types” and this strongly parallels the “Leader/Second-in-command” friction seen in the Teenage Mutant Ninja Turtles hierarchy. Though Raphael can sometimes come to blows with his authoritative figures, he is frequently instrumental in getting his team to succeed by going against the grain. Raphael is known as the turtle most likely to push back against “the norm” in order to achieve a common goal. “Raphael-types” are a common facet of the IT world and are very important in persuading their leaders and peers into pursuing previously underutilized avenues.

The “Donatello”- The IT Wizard

Often the most calm and easy to get along with…assertiveness is not needed by Donatello as his brains and enthusiasm for technology do the heavy-lifting. “Donatello-types” are naturally gifted when it comes to new developments in technology. They are often found on the cutting edge of the industry and can help champion new gadgets and methods that they want to see their organization take part in. Much like Donatello, these tech-pioneers are on the forefront of all the latest advances in IT and really know their stuff. Be sure that you are ready to keep pace with them!

The “Michelangelo”- The IT Character

Michelangelo is the youngest and “most fun” member of the Turtles. His easygoing and talkative nature is a refreshing attribute to the TMNT and he helps lighten the mood in tense situations. Much like the youngest Ninja Turtle, “Michelangelo-types” can be a welcome addition to any IT team. Amidst in-depth conversations of high-level topics like funding and infrastructure solutions, a “Michelangelo-type” can be a great contact person to dial things back down and push conversations forward. Just keep on top of them and work “WITH” them. If you can stay laser focused on this kind of IT professional, the “Michelangelo-type” will be your best friend!

The “Master Splinter-The Decision Maker

This archetype represents CEO’s and Presidents of companies. They have the final say when it comes to approval of infrastructure solutions. Although they may not be directly involved in the IT discussions, their opinion matters! Just like Master Splinter.

The “April O’Neil”- The Influencer

Reporter, April O’Neil is instrumental in giving the turtles a window to the outside world. She updates them on news from the surface, while also April presenting the turtles in a positive light to the scrutinizing media. This represents our vendors. We go to bat for them to drum up business and champion their products. In return they are advocating for us and ensuring we have proper visibility with all our current and future clients at every turn! We couldn’t do it without them!

The “Casey Jones”- The Contractor

We do everything possible to take care of our customers, but sometimes we need a little help! Just like Casey Jones who frequently steps in to assist the Teenage Mutant Ninja Turtles when things get sticky, sometimes we team up with outside engineers and contractors when another set of hands is needed. Together, we deliver!

This is just a small sampling of some of the characters we interact with, in our world of IT, and hopefully gives you a little better glimpse into what we do. None of these aforementioned descriptions should be considered concrete. Just a broad overview of the tech-spectrum. The important thing is learning how to work with each personality type and find solutions to problems.

Cowabunga, dude!!

Most companies are gathering trillions of bytes of data, day after day, at no small cost, and then doing very little with it. Worse still, the data often is not serving its primary function very cost effectively. The “culprit,” so to speak, is video surveillance data, the information captured by the video cameras that are used throughout most modern facilities. But the situation is changing rapidly, thanks to the new landscape of Video AI Analytics Applications.

What is Video Analytics?

Video Analytics can be described as “the emerging technology where computer vision is used to filter and manage real time CCTV video for security and intelligent traffic monitoring.”

Simply put, Video Analytics is an automated approach to managing and analyzing video, without the cost or man-hours previously required. There are many different brands and technology platforms for Video Analytics, but they all work on the same basic principles, using pattern recognition and other Algorithms technology to provide two critical capabilities: Recognize unusual activities as they happen and notify the security system in real-time.

Functionality

Today’s Video Analytics software offers growing functionality. For example, it can be programmed to look for specifically defined anomalies. It can even be programmed to give special attention to specific elements in a video frame—such as a computer, door, or filing cabinet. Video Analytics software tracks people and objects, and can send alarms when suspicious activities occur. Furthermore, Video Analytics can be integrated with other security and information systems to create new possibilities for using and managing video data.

The first step for most companies is to use Video Analytics to support and enhance guard performance. In this application, Video Analytics software continuously monitors everything that happens in the field of vision of every surveillance camera, every second of every day. When it sees suspicious or unusual patterns and activities, it sends an alert to the security system so guards can look at the monitors, see first-hand what is happening, and take any needed immediate action. It can also trigger other security events, such as coordinating the motion of several cameras to track the movement of a suspect through a facility. In some programs this is called “guard service.” Guard service should make every guard more effective, so companies find they can improve security and reduce staff at the same time. Recent studies show that it’s common for guard service applications to generate savings of 75% or more in total guard costs.

Adding on to that value, Video Analytics can then be linked to card access systems to improve security. A card being used in an unauthorized or suspicious way can trigger cameras to zero in on the event and record the time and other information in a searchable video log. The real power of Video Analytics may be the fact that it turns analog video into useable data that can be analyzed, searched and managed. This opens endless possibilities for guiding decisions on facility use, energy consumption, personnel safety, and many other issues. Vitally is the improved response time. You can simply find information and act on it more quickly with Video Analytics, whether the problem is a break-in happening right now, or a building use problem that pops up every day.

Key Features of Video Analytics

Value with Video Analytics: Augment staff and improve camera investment ROI by extracting key information from captured video to uncover insights and patterns.
Create a Security Model: Customize the “monitor and alert” parameters from live-streaming fixed cameras to help identify perimeter breaches, abandoned objects and more.
Find the Buried Pictures: Save time when searching for relevant images. Advanced content-based algorithms for detection improve time and accuracy of cross-correlation and trend analysis.

After collecting and storing petabytes of video data, organizations now want more value out of their investment. Video Analytics provides an answer, helping most companies improve security and lower costs. By starting with applications that deliver rapid ROI, like guard enhancement, companies can implement the technology in a way that pays for itself. The value can then be extended to other security and information systems, leveraging many technology investments to improve security and building management.

Are Windows updates necessary? Applying updates every month is not something system administrators look forward to but they are necessary and extremely important in the times we live in.

Most updates each month include security updates. Security issues are the worst possible type as they may be exploited by malware or hackers. These types of situations are regularly identified in various parts of Windows – ActiveX, IIS, Internet Explorer and .Net Framework are just examples. Other updates address other bugs and issues in Windows. Even though they are not responsible for security vulnerabilities, they might impact the stability of your Operating System. Last, but not least, Windows Updates sometimes come with new features, while patching some known issues – and the best example for this is IIS and Internet Explorer.

The code that makes up the Windows operating system contains security loop holes, errors, incompatibilities, or outdated software elements. In short, Windows isn’t perfect, we all know that. The latest Windows security patches fix the vulnerabilities and errors in Windows and associated software, and they occasionally add new features. This essentially summarizes why you should regularly run a Windows Update.

Security issues are regularly identified in various parts of the Windows operating system, including the main platform. Even if you do not run the respective software, it is a risk not to patch it, simply because it is installed on your system. Note that these updates are required, even if you are running anti-malware or anti-virus software, as that software may not sufficiently protect you from Windows security issues.

Consequences to Not Installing Updates

Some ways to control and monitor the deployment of Microsoft updates in a corporate environment is with products like WSUS or System Center Configuration Manager(SCCM).

Here is a list taken from Microsoft of some common types of updates available each month.

Critical Updates

Critical Updates are a widely released fix for a specific problem that addresses a critical non-security-related bug.

Security Updates

Security updates are a widely released fix for a product-specific, security-related vulnerability. Security vulnerabilities are rated by their severity. The severity rating is indicated in the Microsoft security bulletin as critical, important, moderate, or low.

Monthly Rollups

Monthly Rollups are relatively new. They are a tested, cumulative set of updates. They include both security and reliability updates that are packaged together and distributed over Windows Update, WSUS, System Center Configuration Manager and Microsoft Update Catalog for easy deployment. The Monthly Rollup is product specific, addresses both new security issues and non-security issues in a single update and will proactively include updates that were released in the past. Security vulnerabilities are rated by their severity. The severity rating is indicated in the Microsoft security bulletin as critical, important, moderate, or low. This Monthly Rollup would be displayed under the title Security Monthly Quality Rollup when you download or install. This Monthly Rollup will be classified as an “Important” update on Windows Update and will automatically download and install if your Windows Update settings are configured to automatically download and install Important updates.

Service Packs

A service pack is a tested, cumulative set of all hotfixes, security updates, critical updates, and other updates. Additionally, service packs may contain additional fixes for problems that are found internally since the release of the product. Service packs may also contain a limited number of customer-requested design changes or features.

Non Critical Updates

While non critical updates are not responsible for security-relevant vulnerabilities, they may still be very annoying as they potentially impact the performance and stability of Windows. So the main reason for installing general updates is to avoid or resolve Windows issues and hopefully have a smooth running System.

Testing

It is very important to create a group of desktops and servers for testing the latest updates. Once the updates are applied to the test, computers monitor and document any irregularities in behavior of the test systems. Although Microsoft updates rarely cause a problem it has been known to happen thus the reason for a test group of computers. If all is well after at least a week with the test group, it is relatively safe to deploy the tested updates to production.

Even after testing, there is no guarantee a problem won’t arise but it’s not worth the risk you may be taking of not applying these security patches.