Monday, December 10, 2012

Patch management in SharePoint

Application of regular security patches and updates is vital for any system. It is same for our SharePoint environment as well. But we should be very careful in patching, as our SharePoint environment can contain mission critical data as well as customization. Data and customization need to be preserved 100% for the patching exercise to be a success.

First we need to understand how Microsoft releases patches for SharePoint.Microsoft provides following types of patches

Hot fixes Released whenever Microsoft encounter vulnerability/issue on SharePoint
Cumulative updates Collection of hot fixes and security updates released every 2 months
Service Packs Collection of fully tested cumulative updates

We can get information on any security update or vulnerability from Microsoft Security Bulletins site. In that site we can search for SharePoint related updates. Once we get the update we need to assess the risk of applying such update.
To assess risks and identify the course of action I use following as the guideline
image
After risk assessment I follow the process given below to apply patches and updates to my production environments
image

No comments: