Updating your system is a fact of life. There are always a variety of reasons a software company releases an update. Sometimes it is a functional or feature improvement they wish to provide, other times there has been a security risk that has been identified and needs correction. We also will see a large majority of software updates for compliance reasons. A software developer reacting to an operating system change or hardware change. The industry, in general, can be somewhat reactionary from time to time and one change to one item can trigger a large downstream impact of updates and changes that need to occur in order for the entire system to function correctly together.
The idea of functioning “together” is the key. Most of the independent systems: hardware or software, can work just fine on their own. The hard part is making the various systems work together in such a way that is productive rather than restrictive.
Due to the current state of the industry with countless ongoing zero day threats being released and companies scrambling to patch security holes they didn’t, or in some cases DID, know they had results in a revolving door of update cycles for nearly all directions. One week we will see some major operating system updates, that result in patching a large security threat but then, in turn, break the connection with another 3rd party application. IT people and the owners of the systems are new left to try and makes sense of it all in a very limited amount of time.
Generally speaking, it is our recommendation to perform at the very least update services to the network once per fiscal quarter. This should allow for a reasonable amount of software updates and patches to be available while giving the industry some time to react and work on fixing problems caused by one update or another. There are obviously always exceptions and sometimes we will recommend updates weekly if the security risk is that great.