The Case for Managed Patches/Windows Updates

Before opening my own business I took a job with an MSP (Managed Service Provider) with a promise that I would get to implement cybersecurity solutions for their clients as well as take escalations from their Tier 1-2 Helpdesk. What I found was that I had little time to work on the cybersecurity side of my job due to the overwhelming number of escalations for issues the helpdesk could not resolve:

  • Outlook not working properly.
  • Applications acting up.
  • Etc.

Often when I logged in to the machine exhibiting the issue, I saw the Windows Update icon in the bottom right with either a yellow or red dot. I would immediately stop all troubleshooting, have the user save their work and close out all apps, then reboot to apply the updates. If the Windows Update icon was not present, I learned to check Windows Updates Settings. Many of the PCs were so out-of-date that it took hours to redress. I would get the updates started, then put my remote connection to the machine in my left-most monitor (I called that monitor The Incubator) to keep an eye on the updates. 9 times out of 10 installing the updates resolved the initial issue escalated by the Help Desk.

This was bad for business:

Bad for the client

  • Workstations (and servers!) were vulnerable to exploits that had not been patched.
  • Users were experiencing seemingly-unrelated issues that caused productivity to decrease, costing the businesses money.
  • Workstations and servers had to be updated and rebooted, interrupting the business.

Bad for the MSP

  • Helpdesk techs and escalation engineers were spending numerous man-hours on tickets describing symptoms unrelated to the real issue.
  • Clients, who pay for the patching service, were made aware that the MSP was not doing its job, leaving them exposed.

I spoke to management about the issue, but they were too overwhelmed to deal with it. I finally reached out to the RMM provider and had them show me how to update the PCs using automated scripts. I spent several nights running the scripts and updating as many PCs as I could.

Escalations from the help desk dropped by one-third.