What’s your stand on Upgradation to latest versions?

Upgrading to latest version regardless infrastructure or software can be a boon and bane.

Security is a significant reason to upgrade software to keep the confidential information or data safe and secure and also to avoid ransomware or any kind of security attacks, additionally there are some advantages to software updates as we get improved functionality and expanded usability.

Usually most of the companies/organizations, software experts and security administrators don’t prioritize updating their software unless it becomes mandatory. For companies, it is overhead expense due to buying new licenses, and for software experts its a big implementation as there will be dependency applications alteration, testing etc.

This article is on developers and architects point of view; neither companies nor the security experts.

Let’s see what experts in the industry say on this point.

I totally agree with your statements. Yes it can be a  boon sometimes or a literal nightmare sometimes. I would do a total analysis before making a decision or give my recommendation on whether to go to next version.

Akhila Thutupalli
Senior Consultant, CGI Inc, United States of America.
23 years of experience in Software industry.

Akhila who is highly experienced in application design and technical project management, says it right. When it comes to know that an upgrade is available or a newer version is released, when there is no clear-cut reason to do so, one should not be rushed to go for it. Without thorough analysis or testing if we update, it can trigger system / application breaks or lead to performance issues.

But what about the security? Updates or Upgrades can include repairing discovered security holes and fixing or eliminating program bugs. If we ignore them, there is a high risk of a ransomware attack.

“Could not agree any more than what you said. Being in the industry for more than 16 years, I can easily say that upgrading hardware/software platforms is always considered as an overhead. Every week we hear stories of ransomware attacks that affected a huge system/entity. Unfortunately, no matter how careful and talented the developers are, there are hackers out there ready to exploit any vulnerability in the software available in the market for a while. So it is always recommended to keep your infrastructure/software updated to make the job of hackers much more difficult.”

Jaffer Mumtaz,
Software Architect, TransCore LP, Dubai, UAE.
16 years experience in Software Development.

In reality, Jaffer is right, hackers are still able to hack the bugs in the program, no matter how cautious and talented the developers are. As per the analysis, every 11 seconds, an organization will fall prey to ransomware by 2021.

One of our clients said they weren’t going for upgrade as long as the machines were up and running, helping their business go smoothly. They feel it as an unnecessary overhead that they don’t want to dwell on. They just said business comes first. While I believe that business always comes first, I do not really agree that upgrade is an unreasonable overhead. When a company works with users or clients, it can not endanger the data of its customers that will ultimately destroy the credibility of the company and challenge its honesty.

Anand Jain, Systems Architect, Pune, India.

Exactly, if the company deals with customers/users, it is company’s responsibility to protect their data and should not put the sensitive information at risk by ignoring security upgrades. If the sensitive information is compromised then business may impact hugely or there will not be any business at all after that. One research showed that 60 percent of all companies that suffer a data breach within six months are forced into bankruptcy.

So many experts have sent in their thoughts on this subject. I would like to thank them and summarize their input here in order to prevent repetition.

• Latest updates often introduce new functionalities, utilizing them can increase the performance.
• Trained personal must review and analyze before upgradation.
• Companies should maintain the latest or sufficient security measures to avoid data breaches.
• Companies should avoid holding the data (e.g., credit card numbers, any kind of sensitive information) that’s valuable to hackers.
• Experts should find better alternatives to avoid any overhead to the companies.
• Companies should not neglect to use an offsite source or third-party service to back up their files or data.
• There should be proper measurements in place when connect to the supply chain of a larger company.