olly - Fotolia
Updating Windows desktops is crucial for any organization, but many IT professionals find the Windows update process frustrating. Fortunately, there are some ways that IT can take control of and simplify the process.
One of the best ways for IT to take control of the Windows update process is by deploying Microsoft Windows Server Update Services (WSUS) or a similar patch management console for its organization's servers.
Without WSUS, Windows desktops will automatically download and run updates. Automated patch and update management might sound appealing, but it introduces a high degree of uncertainty into the patch management process. It can be difficult to know what updates are going to be deployed and when.
In contrast, WSUS allows IT to centrally download updates to a server and saves each machine from having to download updates individually. WSUS also offers IT professionals the ability to approve or block updates and configure automatic approval rules so that the machines can run critical updates without waiting for approval.
Other Windows update strategies
Disk capacity management
Another Windows update process strategy that IT can use is maintaining plenty of free disk capacity on devices. Insufficient storage is one of the primary causes of update failure. Without proper monitoring, these failed updates may go unnoticed by IT, resulting in noncompliant devices.
There is no easy way to ensure that all of the Windows devices maintain enough free disk capacity to apply updates. Starting with build 1909 of Windows 10, desktops reserve a block of disk specifically for the purpose of accommodating updates. Initially, Windows will reserve about 7 GB of capacity for this purpose.
IT pros can also review their Group Policy settings as they relate to the Windows update process. Remember, IT should configure group policies to ensure that updates are applied in a timely, non-disruptive manner.
One especially helpful Group Policy setting can be found in Computer Configuration > Administrative Templates > Windows Components > Windows Update > No Auto-Restart With Logged On Users for Scheduled Automatic Updates Installations. This setting keeps Windows from automatically rebooting after an update while users are logged into their computers.
IT can minimize user frustration with the Windows update process using this Group Policy. Windows updates will still occur, but this setting prevents users from suffering a reboot while they are working.
Dig Deeper on Windows 10 updates
Related Q&A from Brien Posey
It's critical for an organization to know what data it needs to retain and where to store it. Some data is required for retention by law, so a ... Continue Reading
Decentralized storage technology can be confusing and complicated. These best practices, however, can help with implementation in enterprise IT ... Continue Reading
Organizational resilience encompasses everything a company needs to run in times of crisis. These examples show how businesses handle tough ... Continue Reading