Hey everyone! I'm currently managing around 20 Windows Servers across various locations, and I'm getting tired of manually checking in and performing updates. I've looked into some solutions like Action1's free tier and Level.io, which seem more efficient than my current method. However, I'm curious about the potential risks involved with using these patch management tools. My servers primarily consist of domain controllers, and while they aren't connected to governmental or health sectors, I'm still concerned. What happens if one of these platforms gets hacked? Besides enabling multi-factor authentication and restricting logins to a whitelisted IP, what else should I consider? As a small to medium business, I'm still getting accustomed to these technologies. Thanks for your help!
2 Answers
Supply chain attacks are definitely a major concern with these tools since you're relying on third parties to manage your updates. If you want to stick with Microsoft, they offer tools like WSUS and SCCM to handle updates internally. That way, you have more control over your servers. Just a heads-up though, WSUS is on the way out, so keep an eye on that for future planning.
Using a cloud-based patch management solution does come with risks, like potential hacking incidents. If you prefer a more secure option, consider moving to an on-premise system to mitigate these concerns, which would allow for manual updates without auto-installation of patches from third-party apps. However, you also want to make sure you have defined update rings so that not every server gets updated immediately after a release—avoiding those dreaded Patch Tuesday issues can save you a lot of headaches! Action1 seems to have a solid reputation, though.
Great point about WSUS! It's always good to be aware of the lifecycle of these tools, especially when planning for future updates.