In this episode of Patch Me If You Can™, Arek Dreyer sits down with Robert Hammen, Principal Mac Consultant at SAP and former IT systems engineer at SpaceX, to dig into the sometimes frustrating world of enterprise patch management. The conversation kicks off with Robert outlining why patching remains a challenge, touching on common pain points like less-than-perfect tools, end users tinkering with applications, and the need to validate that updates actually get applied. He explains that in high-security environments, timely patching is crucial, but the process must be carefully managed to avoid disrupting users—especially those engaged in mission-critical work.
The discussion moves into the strategies Robert has developed to strike a balance between enforcement and user flexibility. He highlights a system of deferrals, where users are given multiple chances to postpone updates before enforcement kicks in, while keeping clear lines of communication open about why the updates matter. Robert also stresses the importance of automation, noting that having robust patching infrastructure frees up IT teams to focus on broader automations and remediations. This is particularly critical in organizations with thousands of devices, where deploying untested updates at scale could lead to a flood of help desk tickets and disruptions.
Both speakers touch on the persistent challenge of documentation, describing how vendor materials often fall short and require IT professionals to seek out answers from a patchwork of sources. Robert closes the conversation by advocating for IT teams to regularly reevaluate their processes and embrace change proactively, rather than waiting for technology to force their hand. His practical advice underscores that a smart, user-focused approach to patch management can make IT’s job smoother while keeping large organizations secure.