Why Should Anyone Upgrade Their OS - Ever?

[AbSoluTc]

I am posing this question because I don't see an answer anywhere online, other than for "features". OS for the past 3 versions will get security fixes. So what's the point?

I ask because I have a boss who is posing this question. He sees no reason to update a Mac once in place to any new OS until it's replaced 3 years later. Most everyone in IT cringes at this from a feature and security standpoint but we can't seem to drive the point home.

I am trying to find an article(s) - respectable - that I can link him to - that explain the importance of updating you're OS. Not having 3/4 different MacOS versions floating around that are harder to maintain from a system admin side of things (multiple different patch versions and variants). Etc.

Anyone have any advice or links that would help make my case?

 

[dukebound85]

if it works for needs and is supported for security, why update and risk breaking things?

I personally agree with your boss

 

[Altis]

There's a distinction between keeping your OS up to date and upgrading to a different version.

In general, it's recommended practice to keep your OS updated with security updates. That doesn't mean you have to upgrade to a new version though, and many people don't. One of the major reasons is that, especially with macOS, new versions tend to break parts of mainstream software, or introduces stability or performance issues, for a while.

It's generally better to be riding the trailing edge if stability is your priority, which is generally the case in the workplace. There's rarely much added that compels people to upgrade to a new version.

 

[Bending Pixels]

One good reason TO upgrade is that new software versions may run on only the current and maybe last prior macOS version.

 

[chrfr]

While Apple does provide some security updates for the 3 most recent versions of macOS, they sometimes don’t include all the security updates for the non-current version. Apple really wants users on the newest OS.

 

[Honza1]

Your bos is actually right....
Updates and patches are needed. Keep systems safe. Usually safe to apply.
Upgrades to new version are optional. Add features. BUT BREAK STUFF. I have number of apps which stopped working after upgrade to Mojave. Most were eventually upgraded - some at cost - some were not. If the cycle is 3 years, why to risk that something important breaks? Why waste resources? Use existing system, replace in 3 years, setup/configure with new tools. Done for next 3 years.

 

[Partron22]

"Upgrades" frequently break old software anymore. That makes them labor intensive and costly.
I keep a couple, three up to reasonably new systems. the others get pulled from the internet and used only in house.
3 years is a good turn around time. Couldn't do that on my last mac Mini because it took Apple 4 years to get around to updating it themselves. -Still those 128GB SSD's I can't help but think that they're selling Apple cloud portals, rather than computers. I have USB sticks that size.
If you stick as close as you can to 3 years, you end up being able to choose a reasonably stable 10.17.5, rather than run in disaster mode on 10.15.0. Plus you get to skip two cycles of persistent bugs.

 

[Howard2k]

I am posing this question because I don't see an answer anywhere online, other than for "features". OS for the past 3 versions will get security fixes. So what's the point?

I ask because I have a boss who is posing this question. He sees no reason to update a Mac once in place to any new OS until it's replaced 3 years later. Most everyone in IT cringes at this from a feature and security standpoint but we can't seem to drive the point home.

I am trying to find an article(s) - respectable - that I can link him to - that explain the importance of updating you're OS. Not having 3/4 different MacOS versions floating around that are harder to maintain from a system admin side of things (multiple different patch versions and variants). Etc.

Anyone have any advice or links that would help make my case?

I don't have an article. I spent time as a systems admin, though that's not my job any longer.

I absolutely would not update my OS without some justifiable analysis, especially in a professional setting. Even for personal use, I'm fairly risk averse, and I think it's justifiable given Apple's track record in recent years. Not saying that as a "hater", just a believer of the "if it's not broken..." theory. Even when it comes to incremental updates, I'll let other people do the initial testing and I'm ok being a release or two behind.

In a professional environment it's even more important. Again, if things are working well and there is no real value for new features, then why upgrade if you're still getting security updates?

As an example, I was happy with Sierra, I was on 10.12.6 until HS got to 10.13.5. Moved to High Sierra a few weeks after 10.13.5 was out and started having problems. A notable decrease in stability. I went to 10.13.6 and it wasn't any better, so I did a clean install of 10.14.0 out of desperation, with a plan to go back to 10.12.6 if I couldn't get my issues resolved in Mojave. I'm on 10.14.2 and things are running fantastically, but I'm not likely to move to 10.15 unless there's something pretty good in there, now that things are working great again.

For people who like stability, there's a lot to gain from a conservative update timeline.

So why would you update? You do raise good points for sure. Security updates, and consistency across platforms. There are benefits there, but those are not usually mutually exclusive with a conservative update timeline. As long as the OS is still getting security updates, then I've just seen too many issues, personally and professionally, that would prompt me to be aggressive in that regard. If an update being real features that bring easily demonstrated value, that's a different story. In reality though, that's often not the case. I appreciate the cumulative feature additions from Apple. The ones that stick out more than anything for me are Time Machine and macOS/iOS interop (handoff etc), to me those are worth a gamble. But HEVC support from 6th gen Intel support (with HS) has no value to me on a 2015, for example. As much as Mojave has some nice features in it, I'd still take Sierra over High Sierra. I think there are plenty of reasons to not be too quick to upgrade.

You can't run Sierra on a 2018, but you can keep two or three tiers of hardware/OS version I'm sure.

 

[flowrider]

AbSoluTc I agree with none of this. IMHO, the OS and your applications should always be updated to the latest versions. You state the 2 main reasons. But, over the years I have found a smoother and faster machine with each OS update. And, having multiple machines in the workplace running different OSs can be confusing. Just my opinion, and what I have done over the last 30 plus years.

Lou

 

[AbSoluTc]

AbSoluTc I agree with none of this. IMHO, the OS and your applications should always be updated to the latest versions. You state the 2 main reasons. But, over the years I have found a smoother and faster machine with each OS update. And, having multiple machines in the workplace running different OSs can be confusing. Just my opinion, and what I have done over the last 30 plus years.

Lou

I was surprised by the comments honestly. Majority say don't update.

From a system admin point of view, managing 3 different OS versions is a PITA. I don't think people realize that. I also don't think people realize when someone is 3 OS' behind, the jump to a new OS is not as smooth. It's a bit jarring. For instance, we had people on Yosemite who jumped to High Sierra. They were pretty confused on a lot of things due to the interface change and some system apps (photos/iPhoto) not being the same. Whenever iPhoto went to Photos we had people freaking out.

We will have people going from El Cap to Mojave. Thats not a small transition. That's a decent jump. Too much of a jump IMO. The other issue is feature set. When users start talking about doing this or that to another user and they try to do it and can't, they wonder why. Well, their OS is too far behind. I have also found the reverse with Apps. The OS being TOO OLD and apps not working. I have rarely, if ever, had an app break by upgrading.

If all the Apps users use work fine on 120 machines running Mojave, why not update the other 250 users? What's the issue? That's my point. My boss does not see the need to invest the time or energy. Even though we can have the users do it themselves and any issues that arise, address. Everyone backs up or will be instructed to.

Again, from a system admin/management POV - it's a PITA. We have servers running Lion and Mavericks as well.

 

[chrfr]

We have servers running Lion and Mavericks as well.

I hope they're not facing the internet.

 

[Ritsuka]

macOS UI is so stable if you compare it to Windows. They add a few new features, but there aren't many changes like for example Window 8 or Windows 10.

 

[chrfr]

macOS UI is so stable if you compare it to Windows. They add a few new features, but there aren't many changes like for example Window 8 or Windows 10.

On a larger scale, for people who manage many Macs, this statement is decidedly not true. In the last few major OS upgrades, and even within 10.13.x, Apple has changed a lot about how it's possible to manage computers. Windows is far more stable in that respect.

 

[MacBookSteve]

Tell your boss he's a ****ing moron. Make him sign a form that protects you, your pay and anything that could affect your ability to earn / produce.

If there is ever a virus, bug, security breach because he's a ****ing retard, he has to continue to pay you. He'll figure it out then. I guarantee it.

 

[KALLT]

As was said, Apple doesn’t backport all security fixes. Plus, newer releases of the OS typically add security enhancements.

If you have the “don’t change what isn’t broken” mentality, then Apple just isn’t your best choice, as annual updates are the norm. If you want long-term support i. e. fewer disruptive upgrades, then choose Windows or a LTS Unix, Linux or BSD release instead.

 

[sracer]

I am posing this question because I don't see an answer anywhere online, other than for "features". OS for the past 3 versions will get security fixes. So what's the point?

I ask because I have a boss who is posing this question. He sees no reason to update a Mac once in place to any new OS until it's replaced 3 years later. Most everyone in IT cringes at this from a feature and security standpoint but we can't seem to drive the point home.

I am trying to find an article(s) - respectable - that I can link him to - that explain the importance of updating you're OS. Not having 3/4 different MacOS versions floating around that are harder to maintain from a system admin side of things (multiple different patch versions and variants). Etc.

Anyone have any advice or links that would help make my case?

Depending upon your work environment, your boss may very well be correct. Mission critical applications can cease to function, or function in a diminished capacity if the OS update is not compatible with the app. The cost of troubleshooting the problem (and maybe even require changes to business practices and procedures) is something to be concerned about.

Sometimes when an OS is updated the application vendor requires an update to their app. In the case of something like Parallels, it's just their way of extracting more money from their customers.

Although the update to the OS is "free", it could very well cost the company money to pay for upgrades to the software.

The "security fixes" reason is generally made by people who don't understand the nature of many of these fixes. Often times, the security holes require a very specific set of conditions for them to be exploited. Sometimes it is limited to a particular set of OS APIs/functions that are used by specific apps. In those situations, if you're not running those apps, then you won't be exposed to those threats.

These are a few of the reasons why it might make sense to not update the OS. This may or may not be applicable in your situation however.

 

[Ritsuka]

On a larger scale, for people who manage many Macs, this statement is decidedly not true. In the last few major OS upgrades, and even within 10.13.x, Apple has changed a lot about how it's possible to manage computers. Windows is far more stable in that respect.

My comment was on the user facing UI, not on how macOS is deployed

 

[0009827]

Tell your boss he's a ****ing moron. Make him sign a form that protects you, your pay and anything that could affect your ability to earn / produce.

If there is ever a virus, bug, security breach because he's a ****ing retard, he has to continue to pay you. He'll figure it out then. I guarantee it.

I take it you tell that to the guy who hands out your unemployment cheque.

 

[Wando64]

Microsoft has announced that Windows 7 support won't end until January 14, 2020.
That is going to be 11 years after it was released.

Now that they release a new MacOS every year, Apple's policy of supporting only the last three versions of the OS is wholly inadequate and from a business point of view it would create major headaches.
No wonder businesses mostly use Windows...

 

[Gregg2]

Tell your boss he's a moron.

How'd that work out for Rex Tillerson?

Oh, wait. He told colleagues, and someone ratted on him to the media...

 

[Kanyay]

Security.

Close thread.

 

[ThunderSkunk]

You must be someone really important, to expect to shut down an entire conversation just because you arrived and added your 2cents.

Blurting out “security” is not an argument. What do you think happens to all these iOS devices when they can’t be upgraded after 3 point releases? They wink out of existence? Apple is fine with leaving them running all over the world with their outdated OS’s, just like they’re fine with leaving generations of Macs behind every year, running all over the world with out-of-date security. Every device you own will end up with outdated security, and that’s fine, no security is perfect anyway, and you should always be conscious of that and how you’re using these things.

If I could find an iPad mini 4 or iPad Pro with iOS10 still installed, I’d buy it in a heartbeat. iOS 6 was the high point in terms of efficiency and coherent ui design, even with its hated skeuomorphic graphical elements, and iOS10 was a second peak marking greater iPad multitasking utility and modern functionality. iOS11 and 12 are both a significant step down in usability and efficiency, and all the security in the world doesn’t help make it a more useful tool again.

 

[Howard2k]

You must be someone really important, to expect to shut down an entire conversation just because you arrived and added your 2cents.

It's Kanyay. He IS important. He's only here because he's taking a break from busting rhymes all over Chicago and busting nuts all over Kim.

 

[harriska2]

My local university hasn't mandated moving all machines to Windows 10 yet. It's because it is a major headache and MS still supports Windows 7 till next year. The local Mac users are pretty much left alone although they are getting nervous about his 2013 iMac, and I suppose El Capitan on it.

 

[theluggage]

From a system admin point of view, managing 3 different OS versions is a PITA.

Complaints on a postcard to Apple for trying to force a new OS version with major structural changes on users every year, and not making older, stable versions available on new hardware. Microsoft are getting just as bad nowadays (although I believe its a bit more manageable if you use the 'enterprise' versions of Windows) - and one of the reasons that they haven't been able to kill off XP and Windows 7 as quickly as their marketing department would like is that professional users need long-term stability. So, you're in an imperfect world where neither Apple or Microsoft are actually offering a product that is fit-for-purpose and are happy to use their customers as beta testers, The only alternatives - Linux or BSD - where some distributions do focus on stability or offer a long-term support version - may or may not be a viable solution.

Basically, both you and your boss have valid points and the only solution is going to be compromise - make a case-by-case decision on every upgrade. "Never update" and "Always update" are two equally stupid extremes. If your boss is prohibiting any and all updates that's a problem - if he's forcing you to make a strong case for every update then he's doing his job - updates on 'production' systems should never be taken lightly.

Everything in life is a risk/benefit analysis and "security risk" shouldn't be used as a trump card that overrides the risk of data loss and disruption inherent in any software upgrade. You also need to put OS "security vulnerabilities" in perspective alongside other - often greater - security risks from phishing, dumb passwords, leaving usb sticks on trains etc. There's no point in putting a steel door on a tent!