Create a Patch Management policy

VIDEO  Datto RMM: Patch Management Best Practices
Datto RMM technical experts Jon North and Aaron Engels explain why Patch Management is such a critical business offering. They cover what Windows updates and Patch Management look like in 2019 and beyond, with Cumulative Updates and Windows as a Service. They explain how you can leverage Datto RMM in the most efficient way for your business and offer their best practices suggestions to improve your current patching and updating strategies. Also refer to the Windows 7 to Windows 10 webinar recording to learn how you can control Feature Updates for Windows 10 with Datto RMM.

What is a patch management policy?

With a patch management policy, you are pre-approving patches to be installed on your Windows devices on an ongoing basis, based on conditions you define. A patch management policy can not only manage the patches made available in Windows Update, but it also gives you much more control, lowers your workload, and increases the security of your device estate.

You can set up an account-level or site-level policy that can target multiple devices, define the patch window, patch location, automatic approval rules, and special options such as reboot behavior. You can also create a patch management policy for audit purposes only. You can even apply site-level overriding of account-level patch policy options.

NOTE  We recommend that you create at least two patch policies: one for workstations and one for servers.

IMPORTANT  Only Windows Managed Agents support patch management. Refer to Managed and OnDemand Agents.

For more information on patch management, refer to Patch Management.

How to...