On visiting three separate clients lately (to carry out IT Reviews) we have noticed a growing trend of users not keeping their Windows up to date. There are always lots of common excuses, but it does make you wonder: why should I keep my Windows up to date?
Upgrades vs. Updates
In this blog post, we aren’t talking about a Window upgrade. An upgrade example is moving from Windows 7 to Windows 10, or Windows 10 to Windows 11.
Windows updates are those annoying pop ups you get telling you that you need to restart your computer to install the updates. Sometimes you do this, and then drink multiple cups of coffee while you wait for some big update to install.
And it’s for this reason that many users do not do the upgrades – they can’t be bothered waiting. Admittedly, some of the big updates that Microsoft puts out twice a year can really take a long time to install; Going from Window 10 v1803 to v1909 can take a good twenty minutes.
As mentioned, this is a common reason for users to simply ignore those updates, and carry on as usual.
ALWAYS shut down
That’s also the reason far too many users never shut down their computers; they merely put the laptop to sleep (or hibernate it) so it never gets the chance to actually install the updates. While some updates can install while you are using the laptop (Microsoft Office updates are a good example of this), many Windows updates can only install as the laptop is shutting down, or starting up.
Again, that’s a reason that users never shut their laptop down – ever. This is a terrible security risk, and a big no-no. You should always completely shut your laptop down for the night, or as you leave the office (of course, it’s the same for a desktop PC). And we aren’t talking about putting the machine to sleep; do a full and proper shut down.
The excuse that users have that it will take a long time to install the updates is compounded when they never shut down. This simply means there will be a lot more updates, and it will take a lot longer. It’s a vicious circle, as they don’t shut down properly for months, and then when they do it takes even longer, so this reinforces to the user that they shouldn’t.
There’s also your wifi connection to consider. If you only put your laptop to sleep or hibernate it before leaving the office, it still thinks it’s connected to your office wifi network. When you wake it up again, it can get confused as to where it is, and you may have connection issues. This is especially true in smaller office environments, where the wifi may be set to a similar range as some home wifi networks. That can really trick your laptop into thinking it’s still at the office.
The simple answer is, shut it down – every time.
Why? Think SECURITY
So – why is it a security risk to not do the updates, or not do them regularly? As mentioned, Microsoft puts out two major updates a year. These updates can improve the way you do things, or make your PC run faster, or look more modern. But more importantly, they may (and likely will) contain a bunch of security fixes (‘patches’) as well. Those security patches are essential to keep your computer safe from nasties on the internet, be they on a website or via an email/download.
What is Patch Tuesday?
Some of those security patches (they are called critical patches) are sent out on ‘Patch Tuesday’, the casual name given to the date Microsoft sends out its monthly patches (always the second Tuesday of the month). If it’s an urgent patch, it will be sent out on Pacth Tuesday.
The bottom line is, if you want to keep your network, your users and your data safe, you need to make sure that your users are shutting down correctly. That’s just the start of course – you need to make sure your IT team or your IT provider is sending the updates out correctly, and in a timely manner. Lots of companies do not install the updates straight away, preferring to wait at least a few weeks to see if they will break other people’s systems first. This is fine and a worthwhile approach, but it shouldn’t be months and months before you roll those patches out.
We’ve seen Windows 10 computers lately that are still on v1803. That means March, 2018. That’s a massive security risk, and an unacceptable risk to your company.
There is no direct financial cost to rolling out updates, and keeping your PCs up to date. There is no cost in making sure your users are actually shutting down.
Sometimes this is just a matter of a regular bit of comms reminding users to do this, and also why. Do they want to be the one to bring the company to its knees after some piece of ransomware is installed because they never shut down their computer?
We’re happy to come talk to you or your staff on the importance of shutting down, and letting those patches install. Contact us here.