Tuesday, September 11, 2012

Apple got patch management right, at a cost

Looking at Apple's iOS and Microsoft's update services for Windows, one can see that Apple developed the more effective answer.

Apple's solution for iOS devices (iPads, iPhones, and iPods) covers all apps. With iTunes as the gateway for all apps, all apps can be updated through iTunes. One solution covers all apps.

In contrast, Microsoft's Windows has a messier solution. Windows update services cover Microsoft products, but other (non-Microsoft) products must provide their own solutions. The result is a hodge-podge of update methods, and while most use InstallShield, they each have their eccentricities. Small-scale shops can handle the variance, but large shops have large headaches with patch management.

Patch management (or "update management", or "version management") is the headache that was solved with iOS and iTunes. It is also solved with Microsoft's new WinRT app manager (the Microsoft App Store) and is mostly solved with the major Linux distributions. (I say "mostly solved for the Linux distributions" since one can install software from outside the known repositories.)

The grand patch management solutions of iTunes and App Store provide a central location, a single method, for updating apps. The traditional Windows environment allowed for multiple applications from multiple vendors, and there was no one update manager that handled all of them.

But the neat solutions offered by Apple's iTunes and Microsoft's App Store come at a price. That price is part variety and part control. The centralized iTunes and App Store methods limit apps to those approved by the service administrators. Apple can reject any app for any reason (and has been accused of rejecting apps for trivial reasons). I'm certain that Microsoft's App Store will have similar challenges. Apple and Microsoft have "gatekeeper" control over their new distribution mechanisms: apps they like are permitted, apps they dislike are omitted.

Linux, with its strong emphasis on system administrators, has taken a different route. The Linux distros have central repositories for installation and update of packages, but the software managers use a "repository" model which sees software packages (which must conform to certain technical specifications) stored in repositories, and the set of repositories is open. That is, one can select the repositories for one's software and receive updates from multiple sources. (The construction and maintenance of a repository takes some work, but the rules for building it are available and open.)

Patch management is important. Software is vulnerable to exploits, and patches can minimize one's exposure. It is something that has worried and frustrated Windows administrators since the beginning of Windows.

In the future, when we look back, I think that the big contribution of iOS and Windows 8 will not be the new UI with its swipes and taps, nor the small form factor, but the patch management. A unified system for updates will be considered necessary for any "modern" system. Apple's iOS delivered that.