So, CrowdStrike took down the world, huh? Well... a good portion of the key systems at companies running a primarily Microsoft environment were certainly under the pump.
With some IT professionals losing days of productivity, money lost still to be calculated, and a PR nightmare for CrowdStrike, the question has to be asked: what could have mitigated this issue?
We will have a more in-depth analysis of the issue coming up on the site in the near future; this post is a quick one to say what you should consider next, as well as how we can help.
Upcoming Conversations
Many companies and higher-ups would like to talk about preventing the issue altogether; however, the realists in the IT world know that you cannot guarantee this type of incident won't happen again. This could be CrowdStrike or any other company, so changing your anti-virus is no guarantee that you will not be similarly affected in future.
Imagine if you switched away from one company due to a major issue, only to be affected when the replacement product suffers a similar issue, and you are still down for days with your IT teams scrambling to get you up and running again.
This incident should be looked at as an opportunity to get some extra tools in place so that, if this happens with another critical system, you are able to respond quickly.
So what now?
So now you have many options to consider, and among those options are our partners. We have been in discussion with our partners; their solution certainly helped with this incident and got mission-critical systems up and running again immediately. The BAU systems were also able to be brought up swiftly, remotely and with customizable automation options depending on user/computer groups.
With the tools provided, the cleanup operations could be run remotely using PowerShell. This can be done by:
Logging into the system with your laptop/computer
Running the application on your phone/tablet (Android or iDevice)
Automating the process to run when computers are detected
With a comprehensive backup option (on-premises and/or cloud-based) available, mission-critical servers can be stood up immediately while the BAU servers are recovered.
One of our other partners also provides incident response capabilities to give you that extra helping hand in the event of these incidents, greatly scaling up your IT resources when needed to help you get up and running.
How can we help?
Our partners referenced above are Pulseway and Arctic Wolf. We here at SecuriKiwi can help design the solution and get you the best price from our partners in a timely manner. We provide you with a solution, success criteria, return on investment (estimated depending on information available) and recommended timelines for deployment, all included in our consultation cost.