Apr 10, 2025

Protecting Your Business From an IT Outage

In 2024, a major IT outage affected 8.5 million computers and effectively shut down some businesses for days. Read here to learn how to protect your company should something like this happen again.

 

One of the largest IT outages ever happened on July 19. A now-infamous CrowdStrike update caused chaos across the globe as 8.5 million business computers that had updated their software suddenly saw the so-called blue screen of death. While some businesses recovered quickly and were able to resume operations, others were not so lucky.

You may know the background: CrowdStrike provides cybersecurity services to Windows-based computer systems. The incident occurred when the company issued a flawed update to its CrowdStrike Falcon Sensor platform. How did that happen? There seems to have been a logic error that caused the application to fail. Such consequences of flawed control processes are not unheard of but are usually not so dramatic.

The event provides businesses with a reminder to reassess their cybersecurity protocols. Companies should review the following as they seek to improve their protocols and procedures:

1. Reassess automatic updates. Automatic updates are intended to ensure security updates are installed quickly and easily. End users rely on vendors to test those updates before they are launched automatically to be sure they are safe. But the CrowdStrike failure raises the question of whether it would be better to have the company's IT department test all updates and patches on a test server and then manually install the updates at the company level.

2. Revisit cloud strategy. As we have seen, relying on a single cloud provider — whether CrowdStrike, Microsoft Azure, AWS or Google — can result in far-reaching problems. This may be the time to consider switching to a different approach, such as a hybrid cloud environment in which public clouds, such as those mentioned above, are combined with private clouds, either hosted by the company itself or a third-party provider.

3. Vet vendors. In a world with bad actors and deep fakes, cybersecurity is increasingly important. Consequently, due diligence with a software vendor should be expanded to include questions concerning how updates are tested, verified and rolled out; how data privacy protocols are maintained; and what disaster recovery systems are offered.

4. Create backup communication systems. The CrowdStrike failure disrupted Delta airlines for five days in part because the company could not communicate with its flight crews. This highlights the necessity of having backup communication systems. Companies need to be able to reach employees in the event of a company-wide tech disruption.

5. Ensure applicable disaster recovery and business continuity plans. Companies should assess their cybersecurity-related disaster recovery and business continuity plans. Part of this endeavor should include reviewing whether it is possible to roll back to previous working versions of critical software, which can decrease any downtime.

It is critical to remember that when a cybersecurity breach happens, bad actors are ready to take advantage of businesses harmed by the event. Never respond to phone calls or emails supposedly from the vendor whose software went down. Instead, reach out through official channels to verify the communication's authenticity.

The CrowdStrike event was significant, widespread and disruptive to many businesses. Companies need to look at it as an example of what can happen if a company is not prepared for an IT disruption.

©2025


 

MORE RECENT NEWS…


May 08, 2025

Strategic Business Plans: Learning From COVID-19

Business plans have to be flexible because they need to be adaptable to factors that could affect them in the future. That's why management always has to be on the lookout. Read through for some advice on creating strategic business plans in the post-COVID-19 world.


May 07, 2025

Rethinking Mandatory Retirement

While mandatory retirement policies have largely been abolished, some still affect certain professions and perpetuate age-related stereotypes. Advances in medical care and healthier lifestyles allow many workers to remain productive well beyond traditional retirement ages. Read through to explore the challenges and opportunities involved in replacing outdated policies with fairer, capability-based approaches.


May 06, 2025

The IRS Adjusts HSAs for 2026

Every year, the IRS adjusts the limits for Health Savings Accounts. Whether you're an individual or a company sponsoring one, these changes can make a difference in your 2026 financial planning. Read through for the specific changes—which this year are relatively minor.


May 05, 2025

Is This Your Situation: Employees Keep Asking for Cash Advances

Employees keep knocking on your door, needing a cash advance. You want to help them but it’s a huge headache. Read through to learn about a payroll add-on to help you and your employees.


Apr 09, 2025

Employee Health Insurance: What's New?

Employer-sponsored health insurance is expected to remain a dominant part of benefits packages for working families, though affordability and access to care seem to prevail. Read through to learn about the future of employee health insurance.


Apr 08, 2025

Staff Versus Freelance: Nontax Issues

Deciding whether to hire a staff person or a freelancer should be influenced not just by IRS regulations, but by the kind of work to be done and how you want the worker to fit into your company. Read through to read more about the considerations.




More News & Press can be found in our Archive.