Software Lifecycle Management 101—Unsexy But Necessary

In 2021, I took a consulting position with Cisco Systems. I was brought in to help with a program focused on software upgrade lifecycle. This was a much different role than I had previously in running IT/SaaS/Cloud Operations for several software companies. I knew that Cisco was positioning itself to focus more on software and getting its customers to stay current on patches and new releases.

Once I got into the role, I knew I was up for the task. Why? Well, because I have walked in the shoes of a Cisco customer. In fact, I used to be a Cisco customer.

Working with the network layer can be challenging

I knew the challenges and the risks of touching the network layer, whether patching to fix a vulnerability or upgrading to the latest operating system release. And I should point out that this is not just about Cisco. You can go up and down the stack from web servers, application servers, and database servers to the storage array and have the same challenges. But there is something massive to fear when touching the network layer. It’s the backbone of your infrastructure; one wrong move, and boom, your systems are down. And believe me; I have had my share of all-nighters when things go wrong during an upgrade or change on any part of the infrastructure.

Ignoring Software Lifecycle Management can be costly

So why don’t we talk about software lifecycle management regularly? It could be that most IT Operations folks follow the principle of “if it ain’t broke, don’t fix it.” It could also be a lack of knowledge, resources, budget, or anything else. You name it. According to a report by the Ponemon Institute, 62% of companies that experienced a data breach were unaware that they were vulnerable. The report states that “patching could have prevented many of these data breaches.” I find this fascinating. 

Keep the discussion alive

One exercise incorporated into the best practices of several companies I worked for where I was leading the SaaS and Cloud Operations was to complete an assessment of all the areas within the infrastructure that required attention for the upcoming fiscal year. This included software upgrades. Each item was ranked from critical to nice to have. From there, the budget was set and approved, and we got to work. But we did not just settle. These projects were reviewed and discussed weekly. We kept the discussion alive and available to ensure we could pivot ourselves to another critical priority, such as a software vulnerability patch if needed. 

Communicating about software lifecycle management is a key part of IT Management Procedures. Our vendors want us to talk about it, and they push new releases all the time. So, talk about it and keep the topic of software lifecycle management at the forefront of your planning. It may likely be one of the most important conversations that will protect your company and customers. 


Contact us to learn how we can help you with your company’s IT Procedure Management

Categories: Blog
X