Educause Security Discussion mailing list archives
Re: RESULTS: Survey about security maintenance windows
From: Thomas Carter <tcarter () AUSTINCOLLEGE EDU>
Date: Mon, 13 Jul 2015 00:53:13 +0000
The policy mentions notifications; how is that accomplished? Is it a passive (posted on a website/portal, etc) or active (email sent out, etc) notification process? Are there specific notifications (e.g. service and time) or just general (this maintenance window will be used)? About how often are the windows used vs. not used? Sorry for the additional questions, but we have a very small staff and I would like a no-notification required policy. If something doesn’t work during the window, assume it’s IT maintenance. If it’s still not working after the window, then call the help desk. The problem is the notification process easily becomes a “make sure nothing important is impacted” process which becomes a “make sure no one is inconvenienced in the slightest (except IT)” process (from past experience). I would like to avoid that slippery slope if possible. Thanks, Thomas From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mark Monroe Sent: Friday, July 10, 2015 3:36 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] RESULTS: Survey about security maintenance windows I missed the email before.. May not mean anything now, but here is our policy http://www.umsl.edu/technology/About%20ITS/ITS%20Policies/ITS_Maintenance_Policy_March2010.pdf Sent from my iPad On Jul 10, 2015, at 3:10 PM, Thomas Carter <tcarter () AUSTINCOLLEGE EDU<mailto:tcarter () AUSTINCOLLEGE EDU>> wrote: Attached is a quickly put together PDF of the results of this survey. No major surprises (except the response that says IT doesn’t get any time off including holidays! Must be a big school with plenty of staff.) My goal with this is to share with my campus leadership that a regular maintenance window is not an unusual request and is part of good business practices. Thank you everyone who responded; your answers were greatly appreciated. Thanks, Thomas Carter Network & Operations Manager Austin College From: Thomas Carter Sent: Monday, June 29, 2015 11:47 AM To: 'The EDUCAUSE Security Constituent Group Listserv' Subject: Survey about security maintenance windows I put together a quick survey about maintenance windows for security issues. My definition of a maintenance window is a time we can remove any IT system from service without prior notice or approval. We’re wrestling with the best frequencies/times/days/etc and I wanted to see what was working for others. This is specifically about maintenance when security fixes, patches/updates, firmware upgrades, etc are done. The survey is here: https://www.surveymonkey.com/r/38JFPBX I appreciate any input you can provide; responses will be kept confidential. If others are interested, I’ll summarize the results here in a week or two. Thanks, Thomas Carter Network & Operations Manager Austin College <MaintenanceWindowSurveyResults.pdf>
Current thread:
- RESULTS: Survey about security maintenance windows Thomas Carter (Jul 10)
- Re: RESULTS: Survey about security maintenance windows Mark Monroe (Jul 10)
- Re: RESULTS: Survey about security maintenance windows Thomas Carter (Jul 12)
- Re: RESULTS: Survey about security maintenance windows Mark Monroe (Jul 10)