Information Technology Reference
In-Depth Information
updated. In many ways, this process is as delicate as performing brain sur-
gery on one's self, and a failed update can render a device unrecoverably
nonfunctional, or “bricked.” Many small- to mid-sized businesses do not
plan and test firmware updates as they are released on additional test-only
equipment, instead relying on ad-hoc updates to production equipment
when mandated by function loss or other signifying event. Few small
businesses have sufficient equipment to function as spares that can be lost
in a botched firmware update test.
Firmware updates require extensive regular research, as each ven-
dor provides one or more versions of update for its equipment. These
updates may require review of batch and lot numbers on individual
pieces of equipment to determine which updates are appropriate. Within
a single computer, there may be many firmware elements that must be
updated—the motherboard's BIOS may be complemented by specific
firmware on storage controllers, video and audio controllers, internet-
working systems, onboard encryption devices, and other dedicated
computing elements.
Each such system may require review of type, model, lot, and batch
details against an individual vendor's sites. Because of the level of effort
required, even enterprises that regularly review firmware update require-
ments may only perform this cycle quarterly or yearly. And often, firm-
ware updates are only appropriate if a particular condition emerges in
hardware operation.
Drivers
Software device drivers couple closely with the hardware devices they
facilitate. Although these should be addressed along with standard soft-
ware update practices, it is important to identify and document the
drivers in use within an enterprise so that changes in hardware compo-
nents and updates to the drivers themselves can be addressed in the soft-
ware update process. For businesses whose regulatory mandates require
documentation of all software in use within the enterprise, device driv-
ers can be difficult to properly identify. Drivers created by parties other
than the hardware manufacturer, such as community-developed device
drivers in many Linux distributions, can present challenges in some
regulatory environments.
Search WWH ::




Custom Search