[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 20/01/2009 14:05, Henry Bremridge wrote: > On Tue, Jan 20, 2009 at 01:49:34PM -0000, Neil Stone wrote: > > > >> "Don't you just hate it when your boss is so computer illiterate yet has >> the power to veto the simplest of ideas to catastrophic end," said one, >> who asked to remain anonymous. >> >> http://www.theregister.co.uk/2009/01/20/sheffield_conficker/ >> >> I was having a laugh at the truth in that statement... >> >> > > I thought the sadder laugh is at the following line > > ' The trust argued that the consequences of its decision making had not cost > public money, "just time and effort by the IT teams".' > > If wasted time and effort is not wasted money ........ > > 'Until late December, Sheffield Teaching Hospitals Trust had a policy in place > that would apply security updates across its network a few weeks after the patch > release, and enforce a reboot.' > > ie unpatched system left vulnerable for several weeks > Where I used to work they had a policy of only installing really mission critical updates hours after their release and generally leaving updates a month until they could be tested on their test network before releasing them into the wild. I think the policy that this trust had though, i.e turning off all automatic updates was a really bad idea. Rob -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html