As IT professionals, we all reach a certain point in our IT career where we realize that some of our everyday tasks are done the same way year after year without anyone questioning why it’s done that way.
Despite the constant change and improvement in technology, some things just get done the same ineffective way without any real thought behind it because “that’s the way it’s always been done.”
A typical example: patching
Month in, month out, a day comes along that is dedicated to patching.
Patching may be more automated than before because you no longer need to log into each system to patch and reboot tediously. It’s a step forward, but the patching process remains the same.
Patching is disruptive, slow, error-prone, and rarely fast enough to keep up with new vulnerabilities. Why disruptive? We all know that every time a maintenance window comes along, Bob from accounting will remind everyone how “the company’s IT is going to mess up our week.”
He’s right, of course, because performing patching the way it’s always done impacts a business by completely stopping operations or slowing everything down. Companies and their stakeholders don’t like it, and it means that patching reinforces the idea of IT as a money sink inside an organization rather than a driver of business value.
Room for improvement… but no improvement
Patching is also slow. Assuming a month-to-month timeframe and many hours of labor every time, patching as it’s been done all these years is too slow to be an effective deterrent for cyber incidents but time-consuming enough that it always feels like it’s taking too long to do.
But if we’ve been patching the same way all these years, surely we’re doing it that way because it is foolproof, right? Not so much, and that’s true for many other prevalent IT practices, too, where there’s just no good reason for how things are done.
Concerning patching, every sysadmin would identify with a story where…just the other day…instead of selecting only the hot-spare web servers for patching, the management tool somehow deployed patches to all of the web servers, which then rebooted them all at the same time.
Those web servers took a while to come back up, and of course, Bob from accounting quickly pointed out that the company lost “a ton of money” in lost sales during the downtime.
Bob is sometimes annoying like that because, yet again, he’s right. However, patching has always been done this way, so everyone continues to do it this way – and Bob will keep complaining because IT practices don’t change.
Sometimes a better way is already out there
Here’s the eye-opener part that offers a lesson for every case of “we’ve always done it that way in IT”: there are safer, more efficient, disruption-free ways to perform patching.
For many years, live patching has offered an alternative to the old way of patching. It has been tested thoroughly and works flawlessly for organizations, delivering considerable benefits. Why is it not used universally?
Live patching makes the process faster, though “immediate” is an even better word. Live patching is also less error-prone, and there is no disruption. Live patches are auditable and reversible and serve as rapid protection against new threats.
Yet, for some reason, live patching isn’t universally adopted, and the only explanation for that is resistance to change, though some teams may simply not be that well informed.
Find a better way? Adopt it
Understandably, cutting-edge, untested technology isn’t for everyone. But ignoring a tried and tested technology that improves outcomes is never a good idea.
Maybe it’s time to modernize operations by shifting gears and adopting the latest way of doing things. IT practitioners should stay aware of changing practices and watch out for better ways to do things. We need to question whether our everyday practice reflects best practices.
Do that, and we might find that Bob stops complaining about IT.
This article is written and sponsored by TuxCare, the industry leader in enterprise-grade Linux automation. TuxCare offers unrivaled levels of efficiency for developers, IT security managers, and Linux server administrators seeking to affordably enhance and simplify their cybersecurity operations. TuxCare’s Linux kernel live security patching, and standard and enhanced support services assist in securing and supporting over one million production workloads.
The Hacker News