Apr 10, 2025

Protecting Your Business From an IT Outage

In 2024, a major IT outage affected 8.5 million computers and effectively shut down some businesses for days. Read here to learn how to protect your company should something like this happen again.

 

One of the largest IT outages ever happened on July 19. A now-infamous CrowdStrike update caused chaos across the globe as 8.5 million business computers that had updated their software suddenly saw the so-called blue screen of death. While some businesses recovered quickly and were able to resume operations, others were not so lucky.

You may know the background: CrowdStrike provides cybersecurity services to Windows-based computer systems. The incident occurred when the company issued a flawed update to its CrowdStrike Falcon Sensor platform. How did that happen? There seems to have been a logic error that caused the application to fail. Such consequences of flawed control processes are not unheard of but are usually not so dramatic.

The event provides businesses with a reminder to reassess their cybersecurity protocols. Companies should review the following as they seek to improve their protocols and procedures:

1. Reassess automatic updates. Automatic updates are intended to ensure security updates are installed quickly and easily. End users rely on vendors to test those updates before they are launched automatically to be sure they are safe. But the CrowdStrike failure raises the question of whether it would be better to have the company's IT department test all updates and patches on a test server and then manually install the updates at the company level.

2. Revisit cloud strategy. As we have seen, relying on a single cloud provider — whether CrowdStrike, Microsoft Azure, AWS or Google — can result in far-reaching problems. This may be the time to consider switching to a different approach, such as a hybrid cloud environment in which public clouds, such as those mentioned above, are combined with private clouds, either hosted by the company itself or a third-party provider.

3. Vet vendors. In a world with bad actors and deepfakes, cybersecurity is increasingly important. Consequently, due diligence with a software vendor should be expanded to include questions concerning how updates are tested, verified and rolled out; how data privacy protocols are maintained; and what disaster recovery systems are offered.

4. Create backup communication systems. The CrowdStrike failure disrupted Delta Air Lines for five days in part because the company could not communicate with its flight crews. This highlights the necessity of having backup communication systems. Companies need to be able to reach employees in the event of a company-wide tech disruption.

5. Ensure applicable disaster recovery and business continuity plans. Companies should assess their cybersecurity-related disaster recovery and business continuity plans. Part of this endeavor should include reviewing whether it is possible to roll back to previous working versions of critical software, which can decrease any downtime.

It is critical to remember that when a cybersecurity breach happens, bad actors are ready to take advantage of businesses harmed by the event. Never respond to phone calls or emails supposedly from the vendor whose software went down. Instead, reach out through official channels to verify the communication's authenticity.

The CrowdStrike event was significant, widespread and disruptive to many businesses. Companies need to look at it as an example of what can happen if a company is not prepared for an IT disruption.
