TECHNICAL BRIEFING NOTE
Each server comprises a virtualised software platform and a server hardware platform. The managed service offered with each server includes the on-going maintenance and enhancement of the virtualised software platform during its life on the customer’s premises. This maintenance and
enhancement is achieved through the following controlled changes to the server:
- Software upgrades
These software upgrades introduce new capabilities to extend the software’s functional capabilities, enhance its manageability, improve its performance and much more besides. They
also address defects and vulnerabilities that are not believed by the relevant software vendor to
be either critical or important.
- Important software patches and security updates
These patches address software platform defects where the vendor of the affected software believes that those defects to be ‘critical’ or ‘important’ because they could create (or could imminently create) serious issues with respect to the availability of the software platform for its intended use or risk of loss of or damage to the integrity of the customer’s data. The updates are enhancements to the security software on the server to address threats identified by the vendor
of that software which are deemed to create an immediate or short-term risk to the availability of the software platform for its intended use or to the privacy or availability of the customer’s data.
- Urgent software patches and security updates
These software patches and security updates are few and far between and comprise the most urgent of the critical software patches and security updates issued by software vendors. A patch or update is deemed to be urgent if, in the sole opinion of the Customer Success Team, it is believed that the defect or vulnerability will have an immediate and catastrophic effect on the server and/or
the privacy or integrity of the customer’s data. Such patches and updates are ones which it is believed cannot wait until the next occasion on which critical and important software patches and updates and software upgrades are to be applied.
Service Continuity Impact of Patches and Upgrades
The patches and upgrades will result may some partial (or even complete) loss of service on the server during their application.
Other than these patches and upgrades, the only activity performed on each server that is expected to cause a partial loss of service is the creation of snapshots of software images prior to them being backed up, both locally and to the Cloud. All the software images on each server are backed up in full once each week and the Active Directory image (including the AD user data) is backed up incrementally daily as well. As each image is snapshotted to create a backup copy, it becomes unavailable for use for just a few minutes and is then restored again immediately.
Notification of Intended Patches and Upgrades
Fundamental to the effectiveness and cost-efficiency of the managed service is the requirement for all customers to use the very latest version of the software platform, with only minor deviations from this principle being permitted in order to address customer-specific timing issues (such as a critical business deadline). Customers therefore cannot ‘opt-out’ entirely from any individual patch, update or upgrade – they can simply request minor adjustments to the date of its application.
We work to a schedule when applying important software patches, security updates and software upgrades and will notify customers at least one week in advance of any intended patch, update or upgrade so that they can (a) plan for the service loss that may occur, or (b) notify us on a case-by-case basis of any important business reasons why the patch, update or upgrade needs to be moved to a different time. Any postponement by the customer of the application of a patch, update or upgrade is always subject to the customer’s acceptance of responsibility for the resulting interim risks to the reliability of the server and the availability, privacy and integrity of their data.
The sole exception to the schedule and advanced notifications that go with it is in relation to the application of any urgent software patches and security updates which need to be applied as soon as possible after we have tested/validated them.
Urgent software patches and security updates are generally applied to every server as soon as the patch or update becomes available. We provide notification of its intention to do so by 1200 on the day on which the urgent patch or update is to be applied overnight. Provided that we receive a request to postpone by 1800 the same day, it will postpone the patch or update for a short period provided that the customer fully accepts the risks associated with postponement.
After the application of any patch, update or new upgrade, notification will be provided within four working hours if and only if the application failed for any reason and it needs to be repeated. It should be noted that any such failure will not adversely affect the functioning of the server as changes are automatically reversed in the event of any failure during or at the end of the application process.
Please click on the link below to download a PDF file of this article