Software | Monthly update process for Windows servers

Owned by Katie Dufner (Unlicensed), created
Last updated: Jun 02, 2022 by Savannah Swanson
2 min read

  1. Purpose
    Minneapolis Community and Technical College is committed to ensuring a secure computing environment and recognizes the need to prevent and manage IT vulnerabilities.  A compromised Server threatens the integrity of the network and all computers connected to it.  Patch and vulnerability management is a security practice designed to proactively prevent the exploitation of IT vulnerabilities that exist within an organization. Proactively managing vulnerabilities will reduce or eliminate the potential for exploitation and involve considerably less time and effort than responding after exploitation has occurred. The purpose of this policy is to ensure that all Minneapolis College owned servers are proactively managed and patched with appropriate security updates. In addition, this policy is intended to instruct and inform the college community about the patches procedure updates.


  2. Policy
    Servers owned by Minneapolis Community and Technical College by ITS Division must have and maintain up-to-date operating system (O/S) patches. A systems patch cycle for all server O/S shall be scheduled once per month, with no more than thirty (30) days between patch updates.


  3. Process
    Software vendors release security patches on a regular schedule. Applicable patches will be tested and validated by ITS prior to applying to all servers. Once validated, ITS will schedule and deploy validated patches to all servers on a monthly basis. 


  4. Schedule | Third Saturday of the Month through Sunday
    A system reboot is required to successfully install most critical security patches. ITS understands the impact rebooting the server can have on users’ productivity.  In order to reduce impact on the college community, ITS will attempt to patch all servers during non-business hours starting at 6:00PM on the third Saturday of each month through Sunday. 


  5. Off Cycle Critical Security Emergency Patching
    On occasion, a software vendor will release a highly critical security patch outside of their normal release cycle.  The usual reason for the release of an out-of-band patch is the appearance of an unexpected, widespread, destructive exploit that will likely affect a large number of users.  In the event of a published out of band patch, ITS Department will expedite the validation process.  Once validated, ITS Department will apply patches to all servers as soon as possible.