How can a company be prepared for a global digital disaster?
In mid-July, a global crash paralyzed the operations of banks, hospitals, airlines, railways, supermarkets and television stations worldwide. The reason was a faulty software update. Experts describe this incident as one of history’s most severe digital crises. Will such situations be repeated? How can companies protect themselves against them? The Exorigo-Upos expert answers.
On July 19, a global failure of IT systems occurred due to an error in the Falcon program from CrowdStrike. This situation affected an estimated 8.5 million Windows PCs, led to the cancellation of more than 5,000 flights worldwide, and disrupted the operations of thousands of businesses. Although less than 1% of Windows devices were affected, the impact was extremely severe. According to the Polish Economic Institute, direct financial losses for Fortune 500 companies may reach up to $5.4 billion, not counting the losses incurred by Microsoft.
The Internet has become an integral part of our lives, and incidents like these have far more severe consequences than they did two decades ago. This event serves as a stark reminder that even a minor system failure can lead to significant losses. While such situations may not occur frequently, it’s crucial to be prepared for them. The risk of similar incidents is particularly high in the current era of globalization and the dominance of the largest technology companies. But with the right preparation, we can face these challenges head-on.
Digital failure – how to prepare?
The CrowdStrike outage and events such as the pandemic or the conflict in Ukraine have shown how important it is to prepare appropriate emergency procedures.
A Business Continuity Plan should be the foundation of a risk management strategy. It should cover the scope of actions an organisation must take in response to natural disasters, cyberattacks, technological failures, or other crisis situations. The plan must also include processes and procedures for the event of complete infrastructure unavailability.
One way to increase the flexibility, efficiency, and reliability of a company’s IT infrastructure is virtualisation. This technology allows you to create virtual versions of computer resources, such as operating systems, servers, storage devices, or networks. Thanks to it, companies can more effectively protect themselves against global failures and ensure the continuity of system operations.
Virtualisation offers significant security benefits in addition to its scalability advantage. Thanks to it, many systems can be effectively managed and repaired remotely, significantly increasing the flexibility and efficiency of operations in the face of problems.
– says Arkadiusz Sikora, Director of Cloud & Infrastructure at Exorigo-Upos.
You may also consider deploying systemless solutions, such as container apps. These are applications that run in containers, which are lightweight and portable virtual environments. Containers isolate applications from the operating system and other applications, which allows them to run in different environments (e.g., Windows) without having to modify the code.
Such solutions are largely independent of problems specific to individual operating systems. A container contains all the components necessary to run the application, including a minimal operating system version. As a result, applications running in containers are more resilient to differences and problems resulting from different operating system specifications, which increases their reliability and flexibility.
In a significant failure, even the most essential things, such as the ability to log in or effective communication in the face of downed systems, become crucial. Such a situation resembles a massive power plant failure, where the problems grow exponentially: lack of water, inability to buy anything, and non-functioning ATMs. In this incident, the decisive factor was whether we had a solution we could rely on.
– adds Arkadiusz Sikora
Let’s not forget about cybercriminals
In the context of company security, it is crucial to consider protection against cyber threats. Although system failures do not happen often, companies, including those in Poland, are increasingly becoming the target of cybercriminal attacks. When choosing a security system, it is worth adapting it to the specific needs of the company and its level of sophistication and awareness of modern threats.
CrowdStrike's product belongs to the EDR (Endpoint Detection and Response) class of software. Its Falcon platform offers advanced endpoint threat detection and response capabilities, vital in protecting IT infrastructure. The recent problems related to the outage should not discourage the use of similar solutions, as they provide comprehensive protection against more complex cybercriminal attacks.
With growing cyber threats, it’s hard to imagine functioning without EDR software like CrowdStrike. It protects against the most modern attacks by monitoring and analysing the behaviour of cybercriminals. EDR software is precious for organisations that want to secure their endpoints against advanced threats effectively. It provides extensive real-time monitoring, detection, and response to threats, enabling you to quickly identify and neutralise potential attacks. The critical aspect in this case is the “response” aspect, i.e., the system can stop specific undesirable actions based on defined criteria, e.g., cutting off the network after detecting ransomware, preventing its further spread.
– adds Arkadiusz Sikora
Effective disaster recovery procedures to minimise downtime and associated losses are equally important. Developing and testing business continuity plans, which contain detailed procedures for dealing with various types of failures, is essential to ensuring the stability and security of the company’s operations. This allows companies to protect their systems and data better, minimising risk and increasing resilience to unforeseen incidents.