Windows Legacy OS forum

General discussion

How to Convice my boss about xp Updates

by croikie84 / April 4, 2008 2:59 AM PDT

I work for a small company and I am the It assistant here. My boss on the other hand is in control of what the policies are here and I don't want to step on her toes.
Personally I like to update XP with secruity updates and what not since we have users in our work area that get crap on their computers all time. But our policy here is to have XP not auto update at all, NEVER, doesn't happen and I think that could be a reason why we get trojans up the waazoo here (along with people going to my space).

How can I convince my boss to let me change that policy?
O and by the way she is one of those people who HATES Microsoft but uses their products everyday.

Discussion is locked
You are posting a reply to: How to Convice my boss about xp Updates
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: How to Convice my boss about xp Updates
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Her choice
by MarkFlax Forum moderator / April 4, 2008 3:02 AM PDT

Depending what type of business it is those trojans and other things will one day steal crucial business details, and her profit margins take a dive.

Or perhaps one of her employees downloads child porn and she gets arrested.

Like I say, her choice.


Collapse -
by croikie84 / April 4, 2008 3:15 AM PDT
In reply to: Her choice

That will be my opening line.

But do I have a legitimate defense here about the updates? Some computers haven't updated in over a year or two.

Collapse -
The common opinion amongst people who know ...
by Kees Bakker / April 4, 2008 3:25 AM PDT
In reply to: funny

is that it makes sense to apply security updates to increment security. All in all, there are very few negative side effects. And if there are, (which is unlikely anyway, if you're one of the last to apply them) they are easy to rollback.

Of course, the firewall should be activated and there should be a current antivirus and anti-spyware product.

A better question than "how to defend [against her point of view] about the updates" is "how does she defend her point point view about it". You don't tell that.

Anyway, her opinion as you tell it is "no automatic updates". That doesn't include manual updates, as far as I can tell. So it seems to be perfectly feasible inside the policy if you visit Windows update on each machine and let it do its job.


Collapse -
Her opinion
by croikie84 / April 4, 2008 3:35 AM PDT

Her reason for now updateing is semi reasonable since she is afraid of the updates mucking up the computer and its functionality.

But all we use/need is Office and a telnet application to a linux box.
I don't think updates will screw that up.

And we have Symantec Corperate edition and a firewall. But that doesn't stop us from getting crap when people go to websites that brings them in and Symantec deletes them.

Our company is really too lienient on websurfing, but that's a different topic.

Collapse -
by croikie84 / April 4, 2008 3:38 AM PDT
In reply to: Her opinion

Thanks for the ideas people. I do have a plan but this helps improve the plans I have to get things under control.

Collapse -
My opinion.
by Kees Bakker / April 4, 2008 3:42 AM PDT
In reply to: Her opinion

Added security far outweights the potential risk.

After all, practically the whole world uses Office on an updated system. If that was messed up, it would surely be noticed widely and corrected asap by Microsoft. In fact, I've never seen any such an incident, as far as I remember.
I do remember an issue with a Windows update interfering with a sound driver, giving rise to a unexpected error message about dislocated dll's, and that was corrected in a few days.
And, as I said, individual updates are easy to roll back by using the uninstall program in the (blue) subfolder it creates in the Windows account.

What's her point of view about Office updates? Still use the original version? Or be up to date with service packs?


Collapse -
by croikie84 / April 4, 2008 3:53 AM PDT
In reply to: My opinion.

Office updates are something she leaves up to the user with for the most part.
I guess one thing I left out about her is that she is like 55 60 years old and isn't very techy savy. You all know the saying, "if it isn't broke, don't fix it" she lives by that.

I think as long as I prepare a little speech for her about things I can get every computer up to date.

Thanks again guys.

Collapse -
by MarkFlax Forum moderator / April 4, 2008 4:59 AM PDT
In reply to: Her opinion

More to my, perhaps, flippant post.

Kees is quite right in what he says about keeping the OS and other software updated. Your problem will be one of presenting your boss with the problems and the facts.

I assume she chose to use Windows in her office. She could have chosen other systems, eg Apple Macs or Linux, ( i see you already use Linux anyway), but she decided on Windows, perhaps because it is seen as easier to set up and is the most popular and readily available. If that is the case then refusing to update just because she *hates* Microsoft is illogical. All Operating Systems have security flaws. Microsoft is the target of most security attacks because it is the most used, the most popular. Microsoft does its best to keep the flaws patched and to the minimum.

The scare stories abound across the internet, and the scariest is, they are mostly true. Identity theft is prevalent, and scams are numerous. If you enter the phrase Nigerian email scam into Google you will see what I mean. Email scams are just a taste of what is out there. Search for phishing and you will also see eye-openers.

These are not necessarily restricted to Microsoft Windows OS users. Users of other systems are caught as well. And, having an 'uptodate' Operating System will not necessarily prevent these scams and thefts. But not being up to date helps the fraudsters to attack vulnerable systems, and trick those users who are unaware.

The problem with security is that everyone has to be a party to it, and that means teaching those who don't know, what the risks are and what has to be done to minimize them. That means your boss and all of the computer users in the office. I guess that your boss assigned you as the IT Administrator to keep her systems in working order. You can only do that if;

1] You are allowed to keep them up to date,
2] You can keep the threats from hackers, viruses, spyware and trojans to a minimum, and
3] You can educate all the other users on "Best Practices" when they surf the internet, read emails, use external media like CD's, DVD's, etc.

If you cannot do all that, then you are not being allowed to do your job properly.

Your job now is to consider a presentation, explaining to your boss what the threats are, and why you need to patch those systems, and all the other things.

The thing I said about child porn is, I believe, relevant. Updates won't stop that, but if your boss is not concerned about such regular and obvious things like security updates, then perhaps she is also not aware of what is happening on her own computers in the office. She needs to be, because she has overall responsibility of what use they are put to.


Collapse -
If you want to get critical Updates manually.....
by caktus / April 4, 2008 3:49 AM PDT
In reply to: funny

be sure that Automatic Updates and Windows Firewall services are set to Automatic and are Started. Then if you want only the Critical updates click on the Express button.

The Custom button includes non-critical Updates. But either way you can pick and choose which updates you want.


Collapse -
Partially doubtful.
by Kees Bakker / April 4, 2008 3:33 AM PDT
In reply to: Her choice

I don't think security updates inhibit downloading child porn.
Implementing parental control software - or any business-class blocking software on your Internet proxy server - might help. Company policies ("you'll be fired if ...") help much better.

Your point about malware is good, however. A good antivirus product will catch it, if it manages to intrude through a hole that isn't patched. But, of course, it's better to patch the hole. No doubt about that.


Collapse -
Her computer, her choice 8-(
by melondrift / April 4, 2008 4:15 AM PDT

It is the simple fact of the matter that it is her choice as to imply updates or not.

It is a known and common fact that Microsoft has ongoing security issues, bugs, crashes, and incompatibilities. If the past does not change the present, the future is certain, and Windows proves it with every release of every patch to fix all of the old patches.

Don't get me wrong, I'm not complaining. Just stating fact.

If updates are not made, the computer will eventually decline in usefulness until it crashes and potentially destroys itself and the information it carries. Information will be lost and someone will have to be hired to try to restore as many of the damaged files as possible, and then make the appropriate updates to the machine so that Windows can once again function properly.

Collapse -
My opinion
by Jimmy Greystone / April 4, 2008 7:02 AM PDT

My opinion is pretty much in line with Mark's "flippant" comment. All those viruses, spyware, and other garbage is a potential threat to the business' bottom line.

One real classic example, which is very real, is a virus will encrypt EVERYTHING on the hard drive. It will do this silently, and keep decrypting everything for a few days. Then, one day, out of nowhere, it will stop. At which point you will be presented with a choice. Pay a ransom to get your data back, or lose it. Now imagine if one of those viruses hit your business. All work would come to a grinding halt until that was taken care of. Could your business really afford to have everyone just standing around because they can't get at any of their data?

Another example, is what happens if someone makes copies of all the confidential data contained on those computers? Then either blackmails you into paying to keep them secret, or posting them on the Internet somewhere, maybe even giving copies to your competition. These are not far fetched examples, they go on every single day.

So what I would propose is this... You go to your boss and lay out a case for how the time lost dealing with all of this spyware and virus garbage is costing the company huge amounts of money. Then you propose that the way to help combat this is to apply security updates to the machines in house. To help make this go over a little easier, I would recommend you suggest designating one person's system to be the "testing" box. This person's box gets all of the updates applied shortly after they are released, and if after maybe a week, no major problems arise, the updates can be rolled out to all the other systems in the office. Different people can be the designated tester every month, or it can always be the same person, depending on how you want to handle it.

With my method, you are providing a full proposal that includes some safeguards. If anything goes wrong with an update, only one system will be affected, which is considerably better than all of them being affected. You are also going through her, so it doesn't seem like you're trying to challenge her authority. What's more, you are presenting it in such a way that it looks like you have the interests of the company in mind, not some personal agenda.

The one tricky aspect to all of this, is that if things are as bad as you say, any attempt to install say SP2, will likely bring about the immediate death of the operating system. So, in order for this plan to be implemented, you will need to format and reinstall Windows on EVERY computer, and get at least SP2 installed BEFORE you ever connect to the Internet. This will probably mean coming in early or staying late for a week or two. So be sure to make it look as if the overtime pay you may get for doing this will be minor when compared to what the company stands to gain over the long term.

After you get all the updates installed, and have worked on some policy whereby you can keep the systems reasonably up to date, you can work on getting the use of Internet Explorer banned at work. Using Firefox or Opera instead of IE, will do wonders for cutting down on the virus and spyware problem. It should slow the flood to a light trickle. However, the unfortunate reality is that change takes time, so start by just getting her to rubber stamp the update idea. Once she's had time to see what a great idea that was, you can push the no-IE one.

Popular Forums

Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!