CrowdStrike VS Microsoft - Key Learnings • Stripe OLT

Crowdstrike vs. Microsoft Key Learnings

In today’s technology-centric world, the smooth operation of our systems is critical to maintaining normality in both our professional and personal lives.

As we’ve seen recently, even a minor technological hiccup can have profound effects on daily business activities…

The recent CrowdStrike Windows outage (although not technically ‘a minor hiccup’) has underscored the importance of being prepared for unexpected disruptions.

What Happened?

As many of us may already know, the problem originated from a defective update to CrowdStrike’s Falcon Sensor software. This update caused Windows machines to crash, leading to the well-known ‘Blue Screen of Death’.

Unfortunately, this had an impact globally. The issue affected a wide range of Windows endpoints, approximately 8.5 million Windows devices, causing major disruptions in various sectors – from airports to hospitals, the update caused a mass global outage.

Although the CrowdStrike issue has been largely resolved, CrowdStrike and Microsoft have collaborated to roll back the faulty update and deploy a fix.  However, the fix required labour intensive actions as it required engineers to get physically some of the devices to fix them. 

This recent ‘hiccup’ raises a key question in the industry. How can we avoid another issue like this? I personally think there’s an opportunity to learn from this…

So, what are the key learnings?

Update Management

Effective update management is more than just a routine IT task; it’s a crucial element of maintaining system stability and security. Regular updates are designed to enhance system performance, address vulnerabilities, and ensure compatibility with evolving technology. However, as shown by the CrowdStrike Windows outage, not all updates are flawless…

Implementing a robust update management strategy involves testing and validation of updates in a controlled environment before full deployment. This helps mitigate risks associated with faulty updates and ensures that any issues are identified and addressed early. Crucially, maintaining a comprehensive change management protocol helps in tracking and managing the impact of updates on different systems and applications.

Dispersed Technology Toolsets

While diversity in technology can offer flexibility and functionality, it also introduces complexity and potential vulnerabilities. The recent CrowdStrike Windows outage underscores a crucial lesson – managing a dispersed array of technology tools can complicate recovery efforts. In addition, a complex array of tools can increase the likelihood of system failures due to compatibility issues or integration problems.

A more focused approach to technology can enhance your BCDR strategy and protect your organisation against disruptions. For those already using Windows for example, it makes sense that using Microsoft security toolsets would lend themselves well to the existing technology stack.

Clear Communication and Trust

Effective communication between technology vendors and their clients is vital for maintaining trust and ensuring smooth operations. Clear, timely, and transparent communication about updates, their potential impacts, and mitigation measures is crucial.

Importantly, don’t trust 3rd party updates, take a zero-trust approach and make sure you test them where feasible – it doesn’t matter how big they are. Really, vendors must provide detailed release notes, warnings about known issues, and guidance on how to address potential problems. Building a culture of trust involves not only transparent communication but also responsive support when issues arise…

Vigilance Against Exploits

Unsurprisingly the chaos created by the outage provided an opportunity for malicious actors to exploit the situation by distributing phishing campaigns and malware disguised as legitimate fixes. If anything, this is simply a reminder that malicious actors will take advantage of a vulnerable situation and highlights the importance of vigilance and due diligence when dealing with updates.

Organisations should ensure that they obtain updates from official sources. Implementing robust cyber security practices, like using trusted antivirus solutions, enabling multi-factor authentication, and educating staff about social engineering online, is essential to protect systems from exploitation. Regular security training and awareness programs can help staff identify and avoid potential threats.

Impact on Critical Services

As mentioned, the disruption caused by the faulty update affected essential services globally, underscoring the far-reaching impact of human error when it comes to technology. Organisations should really know which critical systems and services they use to operate with, assessing potential risks, and developing strategies to ensure continuity and rapid recovery in the event of a major IT incident.

Think about who manages your key systems, how they are managed and when these systems are updated or patched. This should help you understand if you have control over your key technologies and whether you are ready if the worst is to happen. Personally, I think the way to mitigate this now, is through a comprehensive disaster recovery plan. Crucially, you don’t want to create your BCDR plan as part of your lessons learnt…

Why Business Continuity and Disaster Recovery (BCDR) Planning Matters

Ensuring your organisation can withstand an unforeseen disaster is crucial to the operation of any business. In developing a strong BCDR plan you can:

1. Recover Faster

When technology systems go down, the clock is ticking. The faster you can recover, the less impact there will be on your operations. A well-crafted BCDR plan ensures that you can quickly resume business activities with minimal downtime.

2. Reduce Loss

The financial implications of system outages can be significant. Revenue loss and potential legal issues can arise from prolonged downtimes. According to insurance firm Parametrix, the top 500 US companies by revenue, (excluding Microsoft), had faced some $5.4bn (£4.1bn) in financial losses from the outage. This potentially could have been minimised by a comprehensive BCDR plan.

3. Make Informed Decisions

Unforeseen disaster can lead to hasty decision-making driven by stress and urgency. A well-prepared BCDR plan equips organisations with the knowledge and resources needed to make informed decisions during crises. This preparedness prevents knee-jerk reactions and ensures that responses are both strategic and effective.

4. Protect Your Reputation

A business’s reputation is often its most valuable asset. Following this recent incident, The US government has opened an investigation into Delta Airlines’ handling of the outage after it continued to cancel hundreds of flights.

A swift and effective response to disruptions helps protect your reputation and demonstrates your reliability and resilience. Ensuring that your business can weather the storm with minimal negative impact reinforces trust and confidence among clients and stakeholders.

Final Thoughts

The significance of a solid Business Continuity and Disaster Recovery (BCDR) plan cannot be overstated, and taking a proactive approach to BCDR planning not only safeguards your business operations, but also protects against the inevitable uncertainties of technology.

However, this is not only an opportunity to improve your incident response processes – but I personally would also focus on these key takeaways:

Understand Your Assets: Know your what technology you have, who manages it, and the implications of any changes.
Streamline Your Toolsets: Reduce complexity by minimizing a dispersed array of technology tools. If you’re already using the Microsoft technology stack, it makes sense to seriously consider using Microsoft security toolsets…
Adopt a Zero-Trust Approach: Treat all third-party updates with caution and ensure thorough testing, regardless of the vendor’s size or reputation.

In a world where technology drives nearly every aspect of business, ensuring that you are well-informed and prepared for the unexpected is not just a strategic advantage—it’s now a necessity.

If you want to find out about our BCDR planning services, or if you want to know more about how we can help you streamline your technology toolsets with Microsoft cloud and security technologies, get in touch with our team today.