Skip navigation
Skip navigation

GFI® Software survey of IT patching practices highlights the problems caused by poorly developed software patches and failure to keep systems secure and up-to-date

London, UK – June 21, 2011 – GFI® Software, a leading IT solutions provider for small and medium-sized enterprises, today released survey results that reveal half of businesses have suffered at least one business critical IT failure as a result of installing a bad software patch.

The research also revealed that a quarter of those surveyed suffer recurring IT failures and lost productivity resulting from software bugs and incompatibilities introduced by badly developed software updates. The survey of 256 senior IT decision makers in the UK was conducted on behalf of GFI by independent market research company Opinion Matters.

Commitment to deploying critical updates quickly is clear, with 90% of those surveyed applying patches within the first two weeks after they are released. However, for many the process remains a manual one, with 45% not using a dedicated patch management solution to distribute and manage software updates. This lack of automation is a major contributing factor that explains why 72% of surveyed decision makers do not deploy within the all-important first 24 hours after a critical patch is released to the public.

Additional key findings:

• 51% of those surveyed said their organisations did not have a rigid policy regarding the installation of critical software updates
• 25% of respondents have suffered multiple IT failures as a result of buggy patches or compatibility issues created by a software update
• The legal (43%) and healthcare (40%) sectors struggle the most with recurring IT problems caused by bad patches
• The personnel sector is the biggest user of dedicated patch management solutions, due to the lack of dedicated on-site IT support in most recruitment offices
• 29% of the survey group consider security to be the most important benefit of prompt software patching
• Improved productivity within the IT department, added security and compliance are the main drivers for investment in patch management solutions

"The stark figures revealed by this research reinforce the importance of testing patches before deploying them in a production environment. Patch management solutions help keep the balance between maintaining productivity - testing patches to make sure they do not interfere with the business environment - and applying security patches in a timely fashion to avoid compromising security," said Cristian Florian, product manager at GFI Software.

"Patch management solutions such as GFI LANguard 2011 can also roll back problematic patches and get the company back to work in a fraction of the time compared with a manual uninstall process or, worse still, a PC rebuild," Florian added.

Small companies with nine users or less are the quickest to deploy patches, with 45% deploying within 24 hours. Slowest to deploy are companies of between 250 and 500 users, with 63% taking up to a week to deploy known patches. The legal and construction sectors are the most conservative when deploying patches, with 71% of each vertical taking up to a week to deploy a patch. HR businesses are the most proactive, with 50% deploying in the first 24 hours, closely followed by financial services with 46% deploying inside a day.

The research revealed a clear shift within the financial services sector, which following the implementation of stringent compliance regulations such as Sarbanes-Oxley and Basel II, has moved from being cautious regarding IT change to being more open to deploying updates and critical patches as soon as possible in order to reduce the risk of data loss, theft or reduced oversight over financial activities.

Note to Editors:

The research was conducted anonymously using 256 UK-based business IT decision makers, selected from a cross section of vertical sectors and business sizes ranging from sole traders to organisations with 500 or more users. Respondents were independently selected by Opinion Matters. The sample was surveyed between April 27 and May 4 2011. A detailed summary of the research is available on request.

About GFI

GFI Software provides web and mail security, archiving, backup and fax, networking and security software and hosted IT solutions for small to medium-sized enterprises (SME) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. With award-winning technology, a competitive pricing strategy, and a strong focus on the unique requirements of SMEs, GFI satisfies the IT needs of organisations on a global scale. The company has offices in the United States, United Kingdom, Austria, Australia, Malta, Hong Kong, Philippines and Romania, which together support hundreds of thousands of installations worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a Microsoft Gold Certified Partner.

For more information:

Please email David Kelleher on
GFI - Malta: Tel: +356 2205 2000; Fax: +356 21382419.

Davies Murphy Group
Please email Chris Green on
Tel: +44 1256 807360

Copyright © 2011 GFI Software. All rights reserved. All trademarks used are owned by their respective companies. To the best of our knowledge, all details were correct at the time of publishing; this information is subject to change without notice.

This press release was distributed by ResponseSource Press Release Wire on behalf of GFI Software in the following categories: Business & Finance, Computing & Telecoms, for more information visit