I recently wrote a post asking Are Your Technology and Policy Aligned? Today I came across this story about a German basketball team and the fallout when the laptop controlling their scoreboard decided to upgrade itself at the most inopportune time, begging the question of vendor responsibilities vs. those of the customer
There are several options vendors and customers can choose from. These range from fully automated to fully manual, with one or two additional options mid-range, such as alert only, or alert with automatic download and user controlled install. How should vendors and customers navigate these options and what criteria should be used for their decisions?
To answer, we need to understand the business and technology risks associated with the decision. For example, most of us would think that updating the anti-virus signature file on our PC is trivial and are happy to let that happen in the background. On the other hand, even this very low risk update taking place at the same time as an extremely critical process would not be acceptable to some users. Vendors, therefore, have to offer their customers a variety of choices they can adapt to their needs. Even more importantly, vendors have to repeatedly educate their customers on the risks and benefits of their choices
Customers, on the other hand, should understand their options and the impact of choices, and the resulting risks they are taking. For example, relying on a single laptop to run a mission critical application is probably not the smartest thing anyone can do. That same laptop could have failed for a variety of other reasons, from hard drive crash to power supply failure. The only reason this event received press coverage is the timing it chose to update itself.
Lastly, I mentioned this post to a friend, his response was a link to this video: