Worth The Risk?
Recently, I received a call from an experienced system integrator regarding VTScada’s stance on installing updates on a SCADA system server. They had a customer questioning advice from another SCADA software provider who has positioned themselves with the following stance. For the sake of the server stability, the servers should never receive any Windows® feature or security updates, ever.
When it comes to installing feature and security updates, there is no best decision for everyone. However, with the right understanding, you can come up with a strategy which works well for your system and team. There is a link at the bottom of this article with more information on the update options available with Windows® 10.
“Think of security updates like you would a flu shot.”
To start, it is important to separate strategies for security updates and feature updates into two groups. Think of security updates like you would a flu shot. Most people are advised to get a flu shot each year, despite the fact there is some risk involved. The reason is that the risks from not getting the shot significantly outweigh those associated with having had it. Of course, those with a medical condition such as compromised immune system may be advised against the shot as they are statistically at a greater risk to suffer an adverse reaction or complication.
Keeping with the flu shot analogy, the manufacturers of any operating system would advise that the typical computer should always be kept up-to-date. There will certainly be special cases where it would be advised not to do updates; however, this is not the norm.
Some software packages, such as those built on third-party components, are often more fragile than integrated installations and may be bottlenecked to legacy versions of an operating system. If this is the case, the software manufacturer may suggest that you do not install updates.
In contrast, an integrated SCADA product is more robust and is unlikely to suffer issues after getting the latest security updates. In case an issue is observed, it is typically minor.
So, what advice do we give VTScada customers regarding updates? By default, Windows® preference is to install updates and restart a computer, at night, when it is less likely to be an inconvenience to the typical user. When a SCADA system operator walks in to find a recently restarted computer and notices that the system has not been logging data or monitoring for alarms throughout the night; it makes for a bad day. Therefore, VTScada customers should always deviate from the default Windows® behavior.
It is recommended that our customers keep their computers up-to-date, but schedule their updates for a time when they would consider it to be low risk. Jumping back to the flu shot analogy, you probably wouldn’t get your shot the day before running a marathon. Likewise, you should not plan your SCADA system updates for a Friday afternoon when your resources may be stressed or unavailable.
When planning security updates, a monthly update schedule will provide updates at about the same rate as they are released by Windows®. If that does not work for your team, just remember the longer you wait, the more at risk the server will become.
Contrary to security updates, feature updates are often focused on correcting Windows® bugs as well as adding new features or a new look to parts of the operating system. If you have a stable build, you may not want to break a good thing with a feature update. That said, computers are better today than they have ever been so doing a feature update at least annually is usually worth it.
If you’d like to learn a bit more about implementing some of the ideas in this article, please check out the link below:
More from Lifewire.com – How To Change Windows Update Settings
Dave Spencer| Technical Sales
E: David.Spencer@Trihedral.com
VTScada– Instantly Intuitive SCADA & HMI Software