Ivanti Blog: Posts by

Is Your Patch Process Hurting End Users’ Experience? Here’s How to Fix It

Tue, 23 Sep 2025 14:58:00 Z

Just one bad patch can cause key systems to fail, disrupting your teams and, ultimately, your customer experience.

While I was checking out at a supermarket self-service machine, the screen suddenly froze and then dreaded blue screen of death appeared. A nearby staff member quickly came over and, with a bit of a sigh, said it was the third time that day this happened. While I’ll never know for certain whether a patch was the only cause, businesses want to minimise these types of issues.

One bad patch can impact your organisation, too. Imagine your customers unable to contact your client success team or your frontline workers unable to access critical data.

While you could delay patch deployment, you run the risk of a total company outage due to a ransomware breach or other cyberattack.

The reality is that vulnerability remediation requires never-ending vigilance. You can address many vulnerabilities through patch management, but without adequate testing, critical systems and business services can get disrupted, affecting your teams and, in short order, reducing profitability.

Let’s take a look at how poorly managed patch updates can cause major disruptions. I’ll also discuss how a ring-based deployment strategy, combined with user surveys after each stage of the rollout, provides a safer and smarter way to mitigate vulnerabilities and outages.

Patch deployment: The need for speed

Regular patch management is one the best ways to secure your data and services. Security frameworks provide best practices, guidance and standards for customers to adhere to; for example, CIS Controls v8 guides teams to apply critical patches in less than seven days, and remediation must occur faster (within 24 hours) if a vulnerability is part of the CISA KEV list.

Organisations comply with these (and the other controls) to reduce risk of catastrophic breaches, maintain regulatory compliance and reduction cyber insurance costs.

In addition, vulnerability exploitation surged by 34% compared to last year (2024). Ransomware-as-a-Service (RaaS) has transformed cybercrime into a subscription economy, where low-skilled attackers can rent powerful ransomware kits from dark web marketplaces. This model dramatically lowered the barrier to entry, fueling a surge in global attacks and extortion attempts.

Now, with the integration of artificial intelligence, threat actors can automate reconnaissance in attempts to locate vulnerable targets at speed. All this makes proper patch management more essential than ever. When a critically rated vulnerability is identified (e.g., a zero day), deployment speed is crucial — but you must balance it with control. Ring deployment acts as an early warning system by rolling out updates in controlled waves.

Ring deployment for secure, scalable patch management

Ring deployment for patch management is a phased approach to rolling out software updates or patches across an organisation. Devices are grouped into “rings” based on risk tolerance and criticality. This tried-and-true method helps reduce the risk of widespread disruption by detecting and resolving issues early in the deployment cycle.

And it gets even more powerful when you combine it with telemetry from devices and user sentiment. Direct user feedback during each ring allows IT to deploy at scale and maintain speed.

Combine user surveys and ring deployment to stay ahead of potential patch issues

It’s that time again: your organisation is rolling out a patch to address a critical vulnerability.

You start with a ring-based deployment — a small group of IT staff and early adopters gets the update first. This initial phase helps validate that the patch instals cleanly without breaking core systems. Once it clears that stage, the patch moves to the next ring — maybe 500 general users from non-critical departments.

With this quantity and diversity of devices, user feedback helps you determine if the overall update worked and can even help you identify when downstream issues may occur before you move onto the next ring.

In your user surveys, collect feedback on:

System performance.
Usability.
Post-patch issues experienced by users in the current ring.

This way, you can gate your rollout — if survey results reveal a high rate of negative feedback or unresolved issues, pause the deployment for investigation and remediation. Open support tickets, gather device logs and alert your IT team.

This feedback loop ensures that only stable, well-received updates advance, reinforcing trust in IT processes and reducing the risk of vulnerabilities making it into high-impact environments, like your customer care centre.

Scale your security posture and minimise disruptions with ring deployment and user feedback

When you combine ring deployment and patch experience user surveys, your organisation can successfully deploy all critical patches in a timely manner, meeting both security best practices and compliance requirements. Systems are secure, risks from known vulnerabilities are reduced and auditors can see evidence of a timely, controlled process.

Ivanti Neurons for Patch Management helps you make patch deployment a seamless process by surveying users directly in the patch experience, automatically pausing rollouts if survey results reveal issues or users respond negatively.

Remember, patching is never truly finished—new vulnerabilities are disclosed daily, and the next cycle of updates is already on the horizon. Staying secure means repeating this process consistently, ensuring that each patch cycle closes today’s risks while preparing for tomorrow’s threats.

Your Windows 11 Migration Is Looming – but There’s a Bot for That

Mon, 28 Jul 2025 19:31:10 Z

I recently spoke with a CIO who had committed a large amount of IT resources to manually migrating computers from Windows 10 to Windows 11. The process required months of planning, device assessments, compatibility testing and hands-on coordination to avoid disruptions to day-to-day business operations. While their dedication ensured their rollout was on track for the looming Windows 11 end-of-support date, it highlighted the strain such projects place on internal teams.

My conversation with this CIO isn’t unique. Before becoming an Account Technology Strategist here at Ivanti, I worked in various roles in IT support and still bear the scars of the Windows XP to Windows 7 migration. I also spent years helping organisations plan, execute and troubleshoot OS upgrades — often under tight timelines, with limited resources.

Automation is key to any major upgrade project. It improves overall IT efficiency, reducing labour costs and human errors. In this blog, I’ll show you how you can use automation in your Windows 11 migration and where Ivanti Neurons bots can help.

Assess the fleet

Before starting any project, asset discovery is key: you can’t upgrade something you don’t know exists or isn’t really there. One Ivanti customer discovered that they had 30% more assets than they expected on their network! This echoes a study from Gartner that found 30% of IT fixed assets are "ghost" assets, or missing and can't be found, which further complicates the task.

Data that exists outside of the device, such as device warranty, is important too. Perhaps upgrading a device with three months’ warranty left isn’t really worth it — it may be replaced through a refresh cycle soon anyway, leaving more disruption for users.

A step you can automate is evaluating whether each device meets Microsoft’s minimum hardware requirements, which you can do in Ivanti Neurons using the Windows 11 Upgrade bot. Then, devices that don’t meet the necessary criteria can be flagged with an automatic ticket in your service or asset management solution. This helps provide the right data to IT-adjacent teams like Procurement for financial planning and purchasing new hardware.

Create a baseline for end-user experience

Creating a baseline helps IT measure the impact of the upgrade, identify potential areas of improvement to review post-upgrade and ensure that the new operating system meets or exceeds current performance levels. It also provides a point of reference for troubleshooting should any issues arise post-upgrade. This data is gold dust for the service desk team, who will be on hand to support users.

One way to create a baseline is with a DEX, or digital experience, score (which you can do in Ivanti Neurons). This quantifies the quality of an employee’s digital experience by aggregating data from various indicators like CPU usage, memory performance, application crashes, disc space and battery health. For example, excessive CPU usage or frequent application crashes can lower the score, while optimal performance in these areas contributes to a higher score. Sentiment analysis of service management incidents can also provide qualitative data that impacts the DEX score.

Surveying the end user bolsters telemetry-based metrics in the DEX score. Surveys provide IT with an early indicator of problems — but you can’t ask too many questions before the end user hits the dreaded mute button! A simple emoji response via Microsoft Teams gives you an empirical response, and a free text field gets user sentiment feedback.

So how do you analyse the data at scale? Feeding these insights into AI for sentiment analysis lets you interpret the tone and emotion to detect frustration or satisfaction levels.

One big takeaway from any migration is its impacts on end users. IT should want the end user to feel part of the process, if not own it!

Put the user at the centre of the W11 migration

At this stage, we have devices suitable to upgrade and know our baseline. Now it’s time to interact with the end user.

IT leaders are all too aware of the potential impact that changes like system upgrades or new software deployments can have on end users, but this awareness doesn’t always translate into action. In the push to beat pending deadlines like Windows 10 End of Support, user experience considerations can be overlooked, leading to disruptions, frustration (reduced CSAT) or decreased productivity.

You can use automation, like the Windows 11 Upgrade bot, to keep the user in the loop, providing them a reason for the change and allowing them to schedule the upgrade at a convenient time.

Validate changes with end users

When changes like system updates are made to their computers, end users often face disruptions to their familiar workflows. A major change like upgrading to Windows 11 can lead to confusion, reduced productivity and frustration, especially if the upgrade was unexpected or poorly communicated. Users may struggle to find previously accessible features, encounter compatibility issues, or experience slower performance, all of which can create a sense of being unsupported.

Surveys have shown that knowledge workers experience such issues 3–4 times per day and often don’t raise support cases. A bot like the Ivanti Neurons Survey bot can be used here, capturing end user sentiment and feedback. So far, automation has done much of the hard work in your Windows 11 migration, but there will always be humans … as it stands anyway! A survey offers an opportunity to bring a human into the loop where applicable.

Software updates – and more! – with Ivanti Neurons bots

So, you’ve read a little of how the Windows 11 bot works. This is just one use case for an Ivanti Neurons bot. The same principles can also apply to major upgrades of any software, but also to a wide array of automation use cases on devices:

Reduce IT operational costs by automating manual steps.
Limit opportunities to introduce human error through manual processes.
Ensure the user is engaged and, crucially, happy with the process and their new operating system.

Neurons bots help IT teams proactively identify, diagnose, and resolve issues across endpoints and devices, often before users even notice the problem. Bots communicate with devices in real time, run queries and perform actions to keep systems healthy and secure.

You can check out some of the ways our bots help automate, accelerate and enhance IT operations, freeing up time for you to work on what matters, by visiting the Bot Library.