Teach users to patch the system themselves

Source: techtarget

If you are the same as most administrators I know, the questions in this article may confuse you: Why do you want to teach users how to fix their systems? All in all, one of the Administrator's main tasks is to lock the workstation and prevent users from doing anything to the workstation. However, in some cases, it makes sense to teach users how to perform Patch Management on their own.

Companies with many small remote offices are a good example. In addition to dial-up connections, these small offices lack other connection methods. Based on my experience, these small offices are generally equipped with two or three computers that are not continuously connected to the outside world. In this case, it is difficult or impossible to automate Patch Management. If you want to keep the system up to date, you have two options: dispatch technical support personnel to the remote office every day, or teach users how to use patches on their systems. In this case, the simplest and easiest way to save costs is to train end users.

In addition, many administrators also have computers in their homes and have a broadband network that keeps connected. These employees should have the basic knowledge of Patch Management because you don't know when they need to work at home. If an employee's home computer cannot properly use the patch, sensitive files may be leaked to the outside world. Viruses and Trojan horses may also be attached to files on the employee's home computer and then infected with the computer in the small office. If you educate employees about the importance of using patches and show them how to use patches correctly, they are likely to spend some time reinforcing their home computers (especially when you suggest or ask them to do so ).

Patch Management Training Meeting

So, how do you educate users to use patches on their systems? Sending ONLY emails or memos may not work, because half of users do not read these files, and the other half may not pay attention to these files. Therefore, you should try to hold a series of training meetings with various groups or departments to explain and demonstrate Patch Management. Efforts should be made to control the scale of these meetings.

The fewer participants, the easier it is for users to ask questions about things they don't understand.

When you discuss Patch Management with users, you must remember that most users are not familiar with Patch Management. You also need to remember that there are many myths about patches spread everywhere, and some people are very confident in these myths. If you use patches for your system, you need to provide specific suggestions on what you can do and what you cannot do. The following are several questions to consider during the discussion:

· Patches fix flaws and security vulnerabilities.

· If you use Windows XP, enabling the automatic update function will enable Windows to use the latest patch at any time.

· Occasionally, patches are required for Office and other applications. You need to check the website of the application vendor to find patches related to the application.

· If you use an older operating system, you need to go to the Microsoft website to check whether there are new Windows patches for your version.

· If you run older Windows versions and your machine has enough hardware support, upgrading to Windows XP SP2 is a good investment. (You must be warned that the lowest hardware configuration of Windows XP is generally underestimated ).

· Microsoft does not release security patches by email. If you receive an email claiming to be a service package, hot patch, patch, or something similar to a patch, immediately delete the email and do not open it. Such emails usually contain viruses.

If users have specific questions about patches or security issues, they can contact you or visit Microsoft's security website: http://www.microsoft.com/security

　　How to make users listen to your opinions

Using patches is a heavy task for users. Not everyone can accept this idea. However, there is a reliable way to promote patch management, that is, worry.

For example, you can show employees a website of malicious hackers that contain commands that exploit operating system security vulnerabilities. You can explain to employees that, unless they use a patch, anyone accessing that hacker's website will know how to break their company's network. Specific examples of security vulnerabilities in some documents are provided, especially those related to groups or departments attending meetings. Then, they will be presented with the magical Security Bulletin: this patch, once again, to ensure their system security.

Some people may ask why patch management is necessary for home computers sooner or later. The general concept is that only websites of large companies are the targets of hacker attacks. Your company has used security systems.

When I asked this question, I asked the Group how many of them had entered a store and set up a temporary decision to use credit card for consumption. Almost every one has done this once or twice. Explain to them that the store will immediately approve credit card consumption. Anyone with a legitimate credit card can walk into the store without a penny, and then walk out of the store with a TV worth $3000.

Hackers often attack home computers to steal personal information such as personal names, addresses, and social security numbers. With enough personal information, these hackers can use your name and credit history to apply for a credit card. You will soon purchase televisions for these hackers.

Some may also ask if your suggestions are related to them. After all, the computer settings in every home are different. This is for sure. I can assure you that the computer I use when writing this article is very different from the computer I use when I read this article. However, at least one factor that can mitigate your security threats is Windows XP.

Microsoft generally releases a Windows operating system every two years. However, Windows XP has been in use for a long time. Most computers that have been using Windows XP for less than four years are using Windows XP (however, some users use Mac or Linux ). The fact is that Windows XP is a dominant operating system, and the example you show may be related to most people in this group. For a few outdated users using Windows 98, you can use this opportunity to warn these users of the risks they face and encourage them to upgrade.

　　Handouts

You can consider providing clear and simple instructions on how to automate practical patches and manually download patches. You can distribute these handouts at the end of each seminar and provide online links to these guides. In this way, you will receive fewer calls for help, and more users will increase their strength in your struggle to promote Patch Management.