Remote Patch Management and Cloning Policy
Remote Patch Management
Software patches and security updates are installed periodically through an automated system on all Institute supported Windows-based desktops (not personal laptops) to ensure the integrity of the IT infrastructure.
The updates/patches are applied (i.e. copied) silently (without the user's input), during any time the computer is running and is connected to the Institute's network. They become effective at the next restart thus do not interfere with the user's work save for slowing down the startup process while changes are being applied. This may take up a considerable amount of time (even 5 to 10 minutes) depending on the number of patches/updates to be installed.
However, a number of so-called "critical updates" may be deployed at any time (but typically between 23 and 7 Monday to Saturday and 19 to 7 on Sundays) and may result in a loss of data in case a reboot of the PC is needed. For this reason, the ICT Service recommends that users do NOT leave computers running unattended (especially overnight) and the ICT Service cannot be held liable if done otherwise. This is as well in line with the dispositions of the Green ICT and Green EUI initiatives.
Furthermore, Computer Rooms receive a full new software configuration (clone image) at least twice a year (in summer and in winter).
When cloning is due, the old configuration gets completely replaced by the new one and any data stored locally on the computer is lost unless it has been backed up in advance.
Cloning happens mostly overnight without the user being informed in advance. The user must therefore remember to store all relevant data on his/her personal storage area on the server or on the cloud and NEVER locally.
To facilitate remote patch management and cloning, members of the Institute are asked:
- Never to unplug the network cable from the rear of the computer and/or wall socket
- Not to stop any ongoing update process, should this not be run "silently"
- Never to store any data locally onto the machine (drives C: and D:, if applicable)
- Not to install any unsupported software on the computers which may interfwere with remote patch management
- Never to leave the computer running unattended (for example overnight)
Exceptions need to be justified and authorised by the Head of Unit, Department or Project.
Page last updated on 24 March 2022