The similarity between doing IT work and playing competition-level chess is striking. Both require that you develop strategies for building impregnable defenses and carefully planning your attacks.
Both need you to think several moves in advance to ensure you're prepared for anything your opponent might throw at you. And at the end of the day, both can leave you exhausted. How does this apply to managing BIOS configurations for systems on your network? To update or not to update? Wikimedia But before we look at a few ways of handling BIOS configuration management, let's first take a step back and ask a question: Do you really need to keep the BIOS on your systems up to date?
I asked a few of my IT pro colleagues for their opinions on this and was surprised that many of them said their answer to this question was a firm negative. Rich adds, "If a specific computer model or application requires an update, then do it. If the systems are working fine, don't change it. If you mess the upgrade process you could brick the computer.
So again, is there enough ROI? I can remember keeping a logbook of everything I did each half-hour of a workday so I could get a realistic picture of what I was actually spending my time on. That may be a bit on the obsessive-compulsive side of things, but the point is time is money, so you need to be efficient with your time if you value the revenue your business brings in.
Cloud complications Things become a bit more complicated in this area now that cloud computing is taking over the IT business world. Updating the BIOS of a cloud-hosted virtualization host on which your company's virtual servers are running is something that is beyond your control. You don't have access to the underlying host system on which your server workloads and applications are running; those belong to the cloud-services provider you're paying to host your company's workloads.
But what if your cloud provider decides they need to update the BIOS on their host machines? They may not tell you in advance about this, and if something goes wrong and their host systems go down, your cloud-based applications and services might get interrupted.
Of course, cloud providers will likely perform tests in advance to ensure that this kind of SLA-breaking disaster doesn't happen for their customers. Still, you never know, so my advice is to make sure you get it into your contract with them that you will be notified well in advance of any planned host system maintenance windows, including those for updating BIOS configurations on their host systems.
Prioritize your systems Let's now look at some solutions to the problem of keeping BIOS configurations up to date. The first thing to consider is which systems need their BIOS kept up to date and which not so much.
A simple approach is to categorize all of your server and client systems as shown in this diagram as either critical or noncritical and whether they are older systems or newer systems. Note that I've left the quadrants blank in the diagram as you'll need to fill them in based on the systems deployed in your own business: For example, if your servers are more than three years old and are still running Windows Server or Windows Server , there's probably little reason to update the BIOS on them unless you plan on upgrading them to Windows Server If some of your laptops, however, are brand new, you'll likely want to keep updating the BIOS on them as the manufacturer releases such updates simply because most laptops get pushed out the door these days before they are fully tested and ready for customer use.
Or at least it often seems that way. David comments, "I have a very mixed environment, and 40 computers are the exact model. Managing manual BIOS update is not bad at all -- an update takes about two minutes, not counting restarts. Then if there was a problem, the same fix can be used before moving onto the next model.
Make it a support issue Keeping the BIOS configurations updated on your client systems is really just another part of normal system support. So "outsourcing" this task to your support team which might be someone outside your company is probably a good idea as long as they're trained in how to handle things when something goes wrong. For example, if the manufacturer indicates that there is an August network driver available, I will also load this.
Otherwise I will not lose sleep. In this case, for BIOS updating you're basically dependent on which particular systems-management platform you have rolled out across your organization.
It may also depend upon which particular vendor has supplied most of your system hardware and also which version of Windows is running on those systems. Unfortunately, there's no one single universal tool that IT pros can use for rolling out BIOS updates across a network. But hey, when I signed up to be an IT pro, nobody said getting from here to there was supposed to be easy!