The SME Growth Podcast

Episode 81: What Can SMEs Learn from the CROWDSTRIKE Crisis?

Written by Pete Johnson | Nov 22, 2024 5:10:52 PM

In this episode of the SME Growth podcast, Dave speaks with Pete White of Information Solutions/Web Orchard about the recent CrowdStrike software failure that affected millions of computers worldwide. They explore the implications for businesses and provide practical advice on IT security and disaster recovery planning.

 

You can listen to the full episode here



Key Topics Discussed:

  • The CrowdStrike Incident: Detailed examination of the July 19th software update failure that affected 8.5 million computers globally, causing widespread disruption to businesses, airlines, and healthcare providers.
  • System Vulnerabilities: Analysis of why certain organisations were affected more than others, and the technical aspects of software updates that made this incident particularly problematic.
  • Disaster Recovery Planning: Comprehensive discussion of backup strategies, including cold storage options, cloud-to-cloud backups, and the importance of having multiple recovery paths.
  • Business Continuity: Exploration of how businesses can better prepare for IT disruptions, including maintaining offline alternatives and testing disaster recovery procedures.

Quotes to Remember:

"A lot of CEOs and managers woke up the other day not knowing what CrowdStrike was, what it did on their network, and how critical it was."

"At a very minimum, you need to be doing yearly disaster recovery tests, making sure that you can get access to key data, making sure that you've got offsite backups."

"Having awareness of what systems you've got in place and asking the questions of what they do, are they fit for purpose - it's really helpful for senior management to know all about their IT infrastructure."

Top Takeaways:

  1. System Documentation: Maintain clear records of all critical system information, including BitLocker keys and backup procedures.
  2. Backup Strategy: Implement multiple backup solutions, including cold storage options that remain disconnected from networks.
  3. Support Infrastructure: Consider the geographical location of IT support resources when outsourcing, ensuring rapid physical access when needed.
  4. Disaster Recovery Testing: Regularly test business continuity plans and ensure all critical system recovery procedures are documented and accessible.
  5. Software Updates: Understand how your vendors manage software updates and their potential impact on business operations.
  6. Crisis Management: Learn from CrowdStrike's communication missteps during the crisis, emphasising the importance of empathy and transparency.
  7. System Awareness: Senior management should maintain basic knowledge of critical IT systems and their business impact.
  8. Vendor Assessment: Regularly review IT providers and understand their disaster recovery procedures.

This episode provides valuable insights for business owners and managers looking to protect their organisations from similar IT disruptions, emphasising the importance of proper planning and regular testing of disaster recovery procedures.