Keeping drivers patched and up to date across all endpoints in a large enterprise organisation is a notoriously difficult and resource-intensive challenge. It’s a task that is essential, but it is also risk-enhancing, time-consuming, and highly inefficient. But there is an alternative – automated, evergreen driver patching at enterprise scale.

This means you can keep drivers up to date in full alignment with your security and governance policies, and it can all be done largely on autopilot. And you can do it at scale across tens of thousands or even hundreds of thousands of endpoints.

You will save thousands of resource hours, errors will be reduced, policy adherence will be enhanced, driver-related support tickets will be cut, and security risks will be mitigated.

How to Automate Driver Patching at Enterprise Scale

How can all this be achieved? The solution is our new Access Capture Evergreen AI feature. It was originally built for evergreen application updates, but we have further developed it to also handle driver patching.

Access Capture Evergreen AI automates the most resource-intensive, time-consuming, and error-prone parts of keeping drivers patched and up to date in large organisations. This includes:

  • Identify when a new driver update is available
  • Audit the endpoints where the new driver is needed
  • Download the driver from a vendor source, such as the driver vendor’s website
  • Package the driver as an MSI (or another packaging format)
  • Smoke test the MSI package on a virtual machine

Access Capture can then be used to semi-automate the UAT and publishing parts of the driver update process, plus we also offer solutions that help automate pilot deployment and full rollout.

Driver Patching Cycle Time and Resource Savings

Manual driver patching processes have multiple inefficiencies:

  • Identifying when a new driver update is available can be delayed by days or longer, as it typically involves a person manually checking and downloading the update.
  • Packaging and testing can then take a week or more.
  • A decision can then be made on publishing. If the decision is to proceed, a ring deployment schedule can be implemented.

One of the big issues (apart from the resource-intensive nature of manual processes like packaging and testing) is the amount of time that can elapse between the vendor releasing the update and the enterprise initiating the ring deployment. This could be weeks, and the vendor could have released another update during that time.

So, even when the process runs smoothly, the time between a driver update release and all endpoints patched is several weeks. If another patch is released in the meantime, the ring deployment could be stopped to start the process again, with the knock-on impact of endpoints in the outer rings operating with outdated drivers for months. The alternative is to continue with the ring deployment even though it is a now outdated driver, before starting the process again.

With Access Capture Evergreen AI, you can cut key parts of the process to a day or two.

The actual process of identifying a driver update, downloading it, packaging it, and smoke testing it takes minutes. The only delay is the setting for how often the system checks for a new update.

From there, the up-to-date, packaged, and tested driver can be saved in a folder for publishing and ring deployment decision-making. This cuts weeks from the process (per driver) and reduces the time endpoints operate with outdated driver versions.

They’re Your Drivers, So You’re in Control

As with all other Access Capture features and capabilities, Evergreen AI driver patching has been developed to adapt to your governance and security policies. You control where drivers are sourced, for example, as well as the cron scheduling, i.e., how frequently the Access Capture Evergreen AI should check for a new update. The screenshot below from Access Capture demonstrates how you remain in control.

Key Benefits of Evergreen AI Driver Patching

  • Automate processes – reduce to a minimum the manual processes required to keep drivers up to date across all your endpoints.
  • Centralise control – enhance governance and policy adherence by centralising driver patching and maximising oversight.
  • Improve compliance – enhance compliance in regulated industries by keeping drivers up-to-date and ensuring there is an audit trail of actions.
  • Time and resource savings – significantly reduce the time and resources required to continuously patch endpoint drivers. This includes resources dedicated to driver patching as well as resources with an involvement in the process.
  • Mitigate security risks – reduce vulnerabilities by patching drivers more frequently and efficiently.
  • Maintain stability – get the right balance between patching speed and endpoint stability by remaining in full control of the automated processes.

The Future of Driver Patching is Now

Repetitive and time-consuming manual processes are increasingly being consigned to the tech juggernaut bin. That said, there are many manual processes that have remained stubbornly sticky, largely because of the technical complexities of automation in real-world environments.

Driver patching is one of those manual processes that has remained stubbornly sticky. Automating at a small scale when all endpoints are largely the same – sure. But in a large and complex enterprise environment, it’s a completely different ballgame.

Until now.

With Access Capture Evergreen AI, automated driver patching isn’t the future; it’s the here and now. Get in touch to arrange a demo.

Category: News

Author: David Butler-McAllister

COO & Co-Founder | Automation Expert | Thought Leader | Passionate about helping companies improve efficiency, save costs, and respond to digital transformation challenges