Patching machines can seem like a low priority task to the end user, when changes are not usually obvious and in some cases cause disruption at the most inconvenient times.
Updating machines can actually be critical where a vulnerability has been identified. For example, on multiple occasions a vulnerability has been reported where an unpatched email server only needs to receive a specially crafted email to be exploited. After sending the email, control of the server is taken by the hacker. This is obviously something that needs to be addressed with urgent attention.
Rather than having to keep on top of all the vulnerabilities that are reported by every manufacture, leave Apex IT to use systems that not only control the updates that get installed but also control when they are installed. This will avoid interruptions at inconvenient times for patches that are not as urgent.