Client Profile
Our client is an active private company, incorporated in October 2022, focused on computer-related services, particularly inkjet technology, operating as a subsidiary of a foreign company and located in Bengaluru. The company’s business includes computer-related services, such as website maintenance and multimedia creation, leveraging its global partner’s expertise in industrial inkjet printing, digital front ends and workflow software for the sign, display and packaging markets.
Business Challenge
With diverse geographical operations, client faced the critical challenge of maintaining the security and stability of their IT estate. Hundreds of servers and thousands of workstations, across multiple regions, needed:
- A scalable and repeatable patching process
- A way to minimize disruptions from patch-related issues
- Quick identification and resolution of vulnerabilities
- Co-ordination among global teams for patch validation and communication
To address potential cybersecurity threats and ensure compliance with best practices, client needed a standardized Patch Management Process focused on timely and structured patch deployment.
LogusIMS Solution
LogusIMS rolled out a phased Patch Management Process based on Microsoft best practices, covering the entire patch lifecycle, from assessment to deployment and feedback monitoring.
Key features of the process
- Assess – Identify current environment state and potential vulnerabilities. Server infrastructure was scanned using QualysGuard to identify existing vulnerabilities. Based on the assessment reports, customized patching packages were prepared to address the identified issues.
- Identify – Discover applicable software updates and assess relevance and criticality
- Evaluate & Plan – Test patches in lab setups; get stakeholder approvals
- Deployment – Roll out patches in sequential waves to reduce risk and gather feedback
LogusIMS introduced a Wave based deployment strategy as shown below:
| WAVE | Target Group (Servers) | Target Group (Workstations) |
| WAVE 0 | Lab Test Servers | Selected IS&T team members machines provided different sites |
| WAVE 1 | Development Low risk IT/Eng Servers | Some Engineering team members machines |
| WAVE 2 | QA Medium Risk IT/Eng Servers | All Bangalore workstations |
| WAVE 3 | Production High Risk IT/Eng Servers | All US and Workstations with exception |
| WAVE 4 | Mission-Critical Servers from IT/Eng | ALL EU and APAC Workstations |
- Patch Rollout Timeline:
- Every 2nd Tuesday: Microsoft releases patches
- 2nd Wednesday to 3rd Monday: Evaluation, approvals, and lab testing
- 3rd Wednesday onwards: WAVE based deployment from WAVE1 to WAVE4 over 3 weeks
- Monitoring and Issue Resolution:
- Ivanti tools were used for real-time monitoring of patch deployment
- Failed installations triggered automated tickets, escalated to relevant stakeholders and Helpdesk Team
- Remote desktop support and troubleshooting guides minimized user impact
- Communication and Exceptions:
- All WAVE1 communications and feedback were managed through a dedicated “IT Notification” mailbox
- Exception handling was standardized—Site Admins submitted exclusion lists by the 2nd Wednesday each month
- Few patches were restricted due to system dependencies