We get it, your workload is busier than ever. Between trouble tickets, meetings, projects, ongoing training goals and trying to squeeze in much needed PTO, there are hardly enough hours in the day to do all the things you need to do. Never has this story been truer than in the world of an IT admin in a small or one person IT department. Letting routine maintenance slip through the cracks is something that should be avoided at all costs.

Tips for Your Routine IT Maintenance

Keepings systems up to date and patched to address the latest security vulnerabilities is paramount. Allowing your systems to get behind on releases not only leaves your environment susceptible to attack, but also makes getting to the future upgrades more involved if you’ve managed to fall multiple versions behind.

Here are some tips to follow to ensure you have the best protection possible and to keep you IT systems in tip top shape:

1. Establish a regular cadence for predictable releases (ex. Microsoft Patch Tuesday releases) and reminders to check for less routine updates. Ideally you would be doing most of your updates monthly, but depending on the number of devices in your systems, you might consider staggering tasks a bit:
   1. Zero-day exploits – These should always be patched, or work arounds put in place, ASAP, especially if the affected system is publicly accessible.
   2. Monthly – Windows patching for Servers/Workstations, VMware Security Advisory fixes, externally facing or accessible systems (Firewalls, Websites, Wireless access points).
   3. Quarterly – SAN firmware, Internal IT applications (Backup/Replication software, Storage management applications, FTP software, etc.)
   4. Ad-hoc as available – Microsoft SQL Server Service Packs, VxRail updates, Exchange Server Cumulative Updates, Switch firmware, BIOS
2. Don’t be an early adopter! Far too often, new software releases get unleashed into the wild before the bugs are worked out. Major version upgrades are often touted for their newest features and increased performance, but putting production systems on newly released code can be a risky choice. Consider waiting 30 to 60 days for the rest of the world to find any issues or flaws. If you are lucky enough to have lab equipment or a full dev environment at your disposal, consider test driving on those devices before going in headfirst on production.
3. Always consult a software interoperability matrix or release notes while planning your upgrades. Many IT solutions tie into one another or have dependencies. Be sure you know what order your applications needs to be upgraded so you don’t disrupt services. New software is often backwards compatible but be sure your new version still supports that other older system it needs to interact with. (For example, if you upgrade your VMware vSphere to version 8, but you are still on Veeam Backup and Recovery version 11 or older, you are going to have a bad time.) Here are a few helpful references:
   1. https://interopmatrix.vmware.com/Interoperability
   2. https://www.veeam.com/kb2443
   3. https://help.zerto.com/en-US/bundle/Operability.Matrix.HTML/page/Interoperability_Matrix_for_All_Zerto_Versions.htm

4. Have a safety net. Make sure you have a recent backup or snapshot when upgrading systems. In the event things don’t go as planned, you can revert and reattempt at a later date or when a more stable release is available. For firewalls, switches and storage devices, be sure to keep the previous firmware and configuration backups available as an option to roll back to.
5. Keep good notes or logs for auditing purposes. Time can fly and it can be difficult to recall if you patched a particular system in Q1 or Q4. Creating a spreadsheet of your systems, versions and dates last updated and by whom can be a valuable reference to keeping your tasks on track. Once you have a solid baseline schedule our calendar recurring calendar events to act as a reminder for when the next patch cycles are coming around.
6. Plan ahead. Don’t wait until the last minute to update or replace systems. End of Support and EOL notices are published by nearly all vendors way in advance. Some systems might require a bit more coordination and effort depending on the business units they service, third parties who provide the software or systems that predate your time with the company, but recognizing the objective and bringing all parties to the table to discuss timeline make that process much easier to accomplish. Knowing you have to sunset a piece of hardware two years from now is a much better place to be in than finding out two months before the deadline.
7. Shortcut if necessary. It’s nice to start fresh, but maybe you’ve inherited an old Windows Server that has multiple purposes or is a pandora’s box in terms of what it actually does. It can be daunting to take the known services and build those onto a net new server, cutover and just hope that nothing important was missed. In instances like this, there is nothing wrong with doing an in-place upgrade (or multiple) to take your OS or Application to the desired version. Step your way through each upgrade, testing along the way, until you ultimately reach your desired version. The extra effort will be worth it when you know you can finally say Windows Server 2003 is no longer in your environment.

If you are still at a loss for how to manage all the things, InterWorks can help. Contact us now to find out how our team of Engineers can help assess your environment, advise on update plans and, if need be, do the heavy lifting for you!